OSINT tool to get information from a Github and Gitlab profile and find user's email addresses leaked on commits.

Overview

gitrecon

OSINT tool to get information from a Github or Gitlab profile and find user's email addresses leaked on commits.

πŸ“š How does this work?

GitHub uses the email address associated with a GitHub account to link commits and other activity to a GitHub profile. When a user makes commits to public repos their email address is usually published in the commit and becomes publicly accessible, if you know where to look.

GitHub provide some instructions on how to prevent this from happening, but it seems that most GitHub users either don't know or don't care that their email address may be exposed.

Finding a GitHub user's email address is often as simple as looking at their recent events via the GitHub API.

Idea and text from Nick Drewe.

Source: https://thedatapack.com/tools/find-github-user-email/

❗ Disclaimer

As @pielco11 warned, emails and other data can be spoofed in commits.


βœ”οΈ Prerequisites


πŸ› οΈ Installation

git clone https://github.com/GONZOsint/gitrecon.git
cd gitrecon/
python3 -m pip install -r requirements.txt

It is possible to use a Github access token by editing line 3 of the modules/github_recon.py file. This will prevent a possible API ban.

It is possible to use a Gitlab access token by editing line 3 of the modules/gitlab_recon.py file. This will prevent a possible API ban.

token = '<Access token here>'

πŸ”Ž Usage

usage: gitrecon.py [-h] -s {github,gitlab} [-a] [-o] username

positional arguments:
  username

optional arguments:
  -h, --help          show this help message and exit
  -s {github,gitlab}  sites selection
  -a, --avatar        download avatar pic
  -o, --output        save output

Results are saved in results/<username>/ path.


βš”οΈ Features

  • Gitlab and Github leaked emails on commits

  • Gitlab and Github SSH keys

Github SSH keys Gitlab SSH keys
ID ❌
❌ Tittle
❌ Created at
❌ Expires at
Key Key
  • Gitlab and Github profile info

Github profile info Gitlab profile info
Username Username
Name Name
User ID User ID
❌ State
❌ Status
Avatar url Avatar url
Email Email
Location Location
Bio Bio
Company Organization
Organizations ❌
❌ Job title
❌ Work information
Blog Web
Gravatar ID ❌
Twitter Twitter
❌ Skype
❌ Linkedin
Followers Followers
Following Following
Created at Created at
Updated at ❌

πŸ”’ Prevention

Configurations on Github:

Configurations on Gitlab:

  • Settings url: https://gitlab.com/-/profile

    • βœ”οΈ Public email: do not show on profile

    • βœ”οΈ Commit email: use a private email

Owner
GOΞ ZO
GOΞ ZO
A Python wrapper for the Yelp API v2

python-yelp-v2 A Python wrapper for the Yelp API v2. The structure for this was inspired by the python-twitter library, and some internal methods are

Matthew Conlen 12 Oct 24, 2017
Simple library for logging to Loggly

#Hoover A python wrapper used to hit the Loggly. API For more information on Hoover see http://wiki.loggly.com/hooverguide ##Install With this git rep

Hoover Loggly 34 May 19, 2021
An alternative launcher for Lunar Client which is aimed at portability and functionality.

Portaluna An alternative launcher for Lunar Client which is aimed at portability and functionality. Features Portable. Lightweight. Functional. Note:

4 Mar 05, 2022
Python implementation for PetitPotam

PetitPotam Coerce NTLM authentication from Windows hosts Installtion $ pip3 install impacket Usage usage: petitpotam.py [-h] [-debug] [-port [destinat

Oliver Lyak 137 Dec 28, 2022
An API wrapper for discord; maintained and improved from discord.py

Fusion.py Documentation What is Fusion.py you might ask; Fusion.py is a Discord.py fork that has most of the good features from most of the big Discor

Senarc Studios 5 Apr 19, 2022
Recommendation systems are among most widely preffered marketing strategies.

Recommendation systems are among most widely preffered marketing strategies. Their popularity comes from close prediction scores obtained from relationships of users and items. In this project, two r

SΓΌbeyte 8 Oct 06, 2021
WhatsApp API Python ChatBot

WhatsApp Api Python - Esta documentaΓ§Γ£o tem como objetivo exemplificar o uso do Moorse Whatsapp API na linguagem Python.

Douglas Alves 2 Jan 06, 2022
ShoukoKomiRobot - An anime themed telegram bot that can convert telegram media

ShoukoKomiRobot β€’ π•Žπ•£π•šπ•₯π•₯π•–π•Ÿ π•€π•Ÿ Python3 β€’ π•ƒπ•šπ•“π•£π•’π•£π•ͺ π•Œπ•€π•–π•• Pyrogram

25 Aug 14, 2022
HelpDESK Dynamics

Helpdesk Application The project is a Helpdesk application (Helpdesk dynamics) where staff of an organization can raise and assign job/trouble tickets

Okeoma Ihunwo 0 Nov 14, 2021
❄️ Don't waste your money paying for new tokens, once you have used your tokens, clean them up and resell them!

TokenCleaner Don't waste your money paying for new tokens, once you have used your tokens, clean them up and resell them! If you have a very large qua

0xVichy 59 Nov 14, 2022
⚑ Simple mass dm selfbot for Discord written in python3.

Zapp Simple mass dm selfbot for Discord written in python3. Warning. This project was made for educational purposes only! I take no responsibility for

Ρ΄ΞΉcΠ½Ρ‡ 34 Nov 01, 2022
IOGen - An Open source discord token generator

_____ ____ _____ |_ _/ __ \ / ____| | || | | | |

0xVichy#1234 85 Nov 03, 2022
PS3API - PS3 API for TMAPI and CCAPI in python.

PS3API PS3 API for TMAPI and CCAPI in python. Examples Connecting and Attaching from ps3api import PS3API PS3 = PS3API(PS3API.API_TMAPI) if PS3.Conn

Adam 9 Sep 01, 2022
Me and @nathanmargni did a small analysis on what are the best strategies to win more games of League of Legends.

Me and @nathanmargni did a small analysis on what are the best strategies to win more games of League of Legends.

Christian Berchtold 2 Jan 19, 2022
A synchronous, object oriented API wrapper for thecatapi

cats.py A synchronous, object oriented API wrapper for thecatapi Table Of Content cats.py Table Of Content Installation Usage Contributing FAQ License

Marcus 2 Feb 04, 2022
Guildead - Guilded api wrapper written in python

Guildead Guilded api wrapper written in python. I have found "exploit" (guilded

0Ρ…VΞΉcΠ½y#1337 5 Sep 23, 2022
Represents a Lavalink client used to manage nodes and connections.

lavaplayer Represents a Lavalink client used to manage nodes and connections. setup pip install lavaplayer setup lavalink you need to java 11* LTS or

HazemMeqdad 37 Nov 21, 2022
ImaginaryTicketing is a simple ticketing system for running CTF Competitions on discord.

ImaginaryTicketing ImaginaryTicketing is a simple ticketing system for running CTF Competitions on discord. Be sure to checkout ImaginaryCTF. See docs

GudOreos 8 Jul 18, 2022
Easily update resume to naukri with one click

NAUKRI RESUME AUTO UPDATER I am using poetry for dependencies. you can check or change in data.txt file for username and password Resume file must be

Rahul.p 1 May 02, 2022
Slam Mirror Bot is a multipurpose Telegram Bot written in Python for mirroring files on the Internet to our beloved Google Drive.

Slam Mirror Bot is a multipurpose Telegram Bot written in Python for mirroring files on the Internet to our beloved Google Drive.

Abinash939 1 Oct 10, 2021