Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Diver - Extract data and look for secrets #162

Open
pylapp opened this issue Apr 22, 2024 · 0 comments
Open

Diver - Extract data and look for secrets #162

pylapp opened this issue Apr 22, 2024 · 0 comments
Labels
enhancement New feature or request feature-diver Enhancement related to the diver feature feature-new Enhancement for a new feature (which has not its GitHub label) Good first issue Sample issues for newcomers hacktoberfest Good issue for newcomers or Hacktoberfest contributors

Comments

@pylapp
Copy link
Member

pylapp commented Apr 22, 2024

Description

As an open source referent or a GitHub admin,
I want a tool which will look for secrets, hotwords or sensitive data in both Git history and versioned project,
so that I will be able to warn users and improve detection and management of leaks an reduce risks of social engineering.

Details

  • Gitleaks can be used in the repository
  • Emails can be extracted using regular expression
  • First name and last name also
  • Some warnings can be done if emailsd does not match a dedicated pattern
  • Internal identifier can be searched using regular expression (abcd1234, stuff like that)
  • Maybe also phone numbers
  • In outputs, maybe, a CSV file pointing commits hashs, type of data and value of data

Maybe related to #148 (extract contributors and get emails and names)

Maybe following scripts can be used:
@pylapp pylapp added enhancement New feature or request feature-diver Enhancement related to the diver feature feature-new Enhancement for a new feature (which has not its GitHub label) Good first issue Sample issues for newcomers labels Apr 22, 2024
@pylapp pylapp added the hacktoberfest Good issue for newcomers or Hacktoberfest contributors label Oct 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request feature-diver Enhancement related to the diver feature feature-new Enhancement for a new feature (which has not its GitHub label) Good first issue Sample issues for newcomers hacktoberfest Good issue for newcomers or Hacktoberfest contributors
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pylapp