Skip to content
/ Removed-commits-finder Public

OSINT tool to find deleted commits from a GitHub repository.

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

math-x-io/Removed-commits-finder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
meme-leak-password.png
meme-leak-password.png
 
 

Repository files navigation

Presentation:

This OSINT tool was created following the release of the following article and the rump of Frederick Kaludis during Winerump 2024, it allows you to find all the commits deleted from a GitHub repository using the API.

Operation:

We do a first fetch on the /commits endpoint and another on the /events endpoint. We then compare the two responses by looking for events of type "PushEvent." If the event is not in the commits, then it is a deleted commit.

Usefulness:

During a security audit or a pentest, it can be interesting to examine the commits deleted from an organization's repository to find sensitive informations.

img

⚠️ Warning: This tool is reserved for professionals, I am not responsible if you use it illegally.

Features:

  • Automatic recovery of all public repositories of a user
  • Intuitive and simple interface

Setup & usage

Create a .env file

touch .env
echo 'GITHUB_TOKEN = "{your github api key}"' >> .env

Build

go build main.go

Run !

./main

Thanks

I would like to personally thank Frederic for his presentation and for taking the time to give me some additional explanations after his presentation.

About

OSINT tool to find deleted commits from a GitHub repository.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages