GithubHelp home page GithubHelp logo

awesome-archive / gsil Goto Github PK

View Code? Open in Web Editor NEW

This project forked from feeicn/gsil

0.0 0.0 0.0 53 KB

Github Sensitive Information Leakage(Github敏感信息泄露)

License: GNU General Public License v3.0

Python 100.00%

gsil's Introduction

GSIL(GitHub Sensitive Information Leak)

中文文档

Monitor Github sensitive information leaks in near real time and send alert notifications.

Installation

Python3(Python2 is not tested)

$ git clone https://github.com/FeeiCN/gsil.git
$ cd gsil/
$ pip install -r requirements.txt

Configuration

gsil/config.gsil: Alarm mailbox and Guthub configuration

[mail]
host : smtp.exmail.qq.com
# SMTP port (Not SSL port, but will use TLS encryption)
port : 25
# Multiple senders are separated by comma (,)
mails : [email protected]
from : GSIL
password : your_password
# Multiple recipients are separated by comma (,)
to : [email protected]

[github]
# Whether the scanned data will be cloned to the local area immediately
clone: false

# Github Token, multiple tokens are separated by comma (,)
# https://github.com/settings/tokens
tokens : your_token

gsil/rules.gsil: scanning rules

Generally, The best rule is the characteristic code of the intranet(Example: mogujie's extranet is mogujie.com, intranet is mogujie.org. At this time, mogujie.org can be used as a rule)

There are other similar code head characteristic code, external mailbox characteristic code, and so on

field meaning optional default describe
keyword key word required - When multiple keywords are used, space segmentation is used(Example: 'username password'), When you need a precise search, use double(Example: "quotesele.me")
ext file suffix optional all suffixes Multiple suffixes are separated by comma(Example: java,php,python)
mode matching mode optional normal-match normal-match(The line that contains the keyword is matched, and the line near the line is matched) / only-match(Only the lines that match the key words7) / full-match(Not recommended for use)(The search results show the entire file) 
{
    # usually using the company name, used as the first parameter to open the scan(Example:`python gsil.py test`)
    "test": {
        # General use of product name
        "mogujie.com": {
            # Internal domain name of the company
            "\"mogujie.org\"": {},
            # Company code's characteristic code
            "copyright meili inc": {},
            # Internal host domain name
            "yewu1.db.mogujie.host": {},
            # External mailbox
            "mail.mogujie.com": {}
        }
    }
}

Usage

$ python gsil.py test
$ crontab -e

# Run every hour
0 * * * * /usr/bin/python /var/app/gsil/gsil.py test > /tmp/gsil
# Send a statistical report at 11 p. m. every night
0 23 * * * /usr/bin/python /var/app/gsil/gsil.py --report

gsil's People

Contributors

blackhole1 avatar feeicn avatar h4rdy avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.