OSINT tool to get information from a Github and Gitlab profile and find user's email addresses leaked on commits.

Related tags

Third-party APIs Wrappersgitrecon
Overview

gitrecon

OSINT tool to get information from a Github or Gitlab profile and find user's email addresses leaked on commits.

๐Ÿ“š How does this work?

GitHub uses the email address associated with a GitHub account to link commits and other activity to a GitHub profile. When a user makes commits to public repos their email address is usually published in the commit and becomes publicly accessible, if you know where to look.

GitHub provide some instructions on how to prevent this from happening, but it seems that most GitHub users either don't know or don't care that their email address may be exposed.

Finding a GitHub user's email address is often as simple as looking at their recent events via the GitHub API.

Idea and text from Nick Drewe.

Source: https://thedatapack.com/tools/find-github-user-email/

โ— Disclaimer

As @pielco11 warned, emails and other data can be spoofed in commits.

โœ”๏ธ Prerequisites

๐Ÿ› ๏ธ Installation

git clone https://github.com/GONZOsint/gitrecon.git
cd gitrecon/
python3 -m pip install -r requirements.txt

It is possible to use a Github access token by editing line 3 of the modules/github_recon.py file. This will prevent a possible API ban.

It is possible to use a Gitlab access token by editing line 3 of the modules/gitlab_recon.py file. This will prevent a possible API ban.

token = '<Access token here>'

๐Ÿ”Ž Usage

usage: gitrecon.py [-h] -s {github,gitlab} [-a] [-o] username

positional arguments:
  username

optional arguments:
  -h, --help          show this help message and exit
  -s {github,gitlab}  sites selection
  -a, --avatar        download avatar pic
  -o, --output        save output

Results are saved in results/<username>/ path.

โš”๏ธ Features

  • Gitlab and Github leaked emails on commits

  • Gitlab and Github SSH keys

Github SSH keys Gitlab SSH keys
ID โŒ
โŒ Tittle
โŒ Created at
โŒ Expires at
Key Key

  • Gitlab and Github profile info

Github profile info Gitlab profile info
Username Username
Name Name
User ID User ID
โŒ State
โŒ Status
Avatar url Avatar url
Email Email
Location Location
Bio Bio
Company Organization
Organizations โŒ
โŒ Job title
โŒ Work information
Blog Web
Gravatar ID โŒ
Twitter Twitter
โŒ Skype
โŒ Linkedin
Followers Followers
Following Following
Created at Created at
Updated at โŒ

๐Ÿ”’ Prevention

Configurations on Github:

Configurations on Gitlab:

  • Settings url: https://gitlab.com/-/profile

    • โœ”๏ธ Public email: do not show on profile

    • โœ”๏ธ Commit email: use a private email

Owner
GOฮ ZO
GOฮ ZO
GitHub Repository
A discord token nuker With loads of options that will screw an account up real bad

A discord token nuker With loads of options that will screw an account up real bad, also has inbuilt massreport, GroupChat Spammer and Token/Password/Creditcard grabber and so much more!

XPTGR 0 Aug 07, 2022
Telegram bot to host python bots

Host-Bot Setup the api Upload the flask api on your host #its not important to do #i used it just for simple captcha system + save ids on your host!

Plugin 15 Feb 11, 2022
Simple script to extract useful informations from the combo BloodHound + Neo4j

bloodhound-quickwin Simple script to extract useful informations from the combo BloodHound + Neo4j. Can help to choose a target. Prerequisites python3

140 Dec 21, 2022
Grape - A webbrowser with its own Search Engine

Grape ๐Ÿ”Ž A Web Browser made entirely in python. Search Engine ๐Ÿ”Ž Installation: F

Grape 2 Sep 06, 2022
A listener for RF >= 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears.

robotframework-stacktrace A listener for RF = 4.0 that prints a Stack Trace to console to faster find the code section where the failure appears. Ins

marketsquare 16 Nov 24, 2022
Telegram music & video bot direct play music

โšก NOINOI MUSIC PLAYER ๐ŸŽต SUPERFAST MUSIC BOT WHO CAN DIRECT PLAY SONG ON TELEGRAM VOICE CHAT ALSO CAN PLAY VIDEO ON VOICE CHATS โœจ Heroku Deploy YOU CA

noinoi-X 1 Dec 28, 2021
A discord token creator that uses the service capmonster for captcha solving!

Discord Token Creator A discord token creator that uses the service capmonster for captcha solving! Report Bug ยท Request Feature Features Autojoin dis

dropout 41 Oct 25, 2021
An example of using discordpy 2.0.0a to create a bot that supports slash commands

DpySlashBotExample An example of using discordpy 2.0.0a to create a bot that supports slash commands. This is not a fully complete bot, just an exampl

7 Oct 17, 2022
DankMemer-Farmer - Autofarm Self-Bot for Discord bot Named Dankmemer.

DankMemer-Farmer Autofarm Self-Bot for Discord bot Named Dankmemer. Warning We are not responsible if you got banned, since "self-bots" outside of the

Mole 16 Dec 14, 2022
Web3 Ethereum DeFi toolkit for smart contracts, Uniswap and PancakeSwap trades, Ethereum JSON-RPC utilities, wallets and automated test suites.

Web3 Ethereum Defi This project contains common Ethereum smart contracts and utilities, for trading, wallets,automated test suites and backend integra

Trading Strategy 222 Jan 04, 2023
A multi exploit instagram exploitation framework

Instagram Exploitation Framework About IEF Is an open source Instagram Exploitation Framework with various Exploits that could be used to mod your pro

Instagram Exploitation Framework - BirdSecurity 1 May 23, 2022
Telegram Bot for saving and sharing personal and group notes

EZ Notes Bot (ezNotesBot) Telegram Bot for saving and sharing personal and group notes. Usage Personal notes: reply to any message in PM to save it as

Dash Eclipse 8 Nov 07, 2022
A simple tool that lets you know when you are out of Lost Ark's queues

Overview A simple tool that lets you know when you are out of Lost Ark's queues. You can be notified via: Sound: the app will play a sound Discord web

Nelson 3 Feb 15, 2022
Twitch Points Miner for multiple accounts with Discord logging

Twitch Points Miner for multiple accounts with Discord logging Creator of the Twitch Miner -- PLEASE NOTE THIS IS PROBABLY BANNABLE -- Made on python

8 Apr 27, 2022
Black-hat with python

black-hat_python Advantages - More advance tool Easy to use allows updating tool update - run bash update.sh Here -: Command to install tool main- clo

Hackers Tech 2 Feb 10, 2022
Mazda Connected Service API wrapper based on pymazda and Flask.

Mazda Connected Service Relay Mazda Connected Service API wrapper based on pymazda and Flask. Usage Make POST calls to https://mymazda.herokuapp.com/{

Alan Chen 10 Jan 05, 2023
A Discord Bot for the Pygame Community Server

PygameCommunityBot The Pygame Community Discord bot The bot is capable of doing a lot of stuff, the command prefix is pg!. For help on all the bot com

PygameCommunityDiscord 23 Nov 30, 2022
Monitor your Binance portfolio

Binance Report Bot The intent of this bot is to take a snapshot of your binance wallet, e.g. the current balances and store it for further plotting. I

37 Oct 29, 2022
LyricsGenius: a Python client for the Genius.com API

LyricsGenius: a Python client for the Genius.com API lyricsgenius provides a simple interface to the song, artist, and lyrics data stored on Genius.co

KevinChunye 2 Jun 30, 2022
A simple Telegram bot can convert web docs, Telegraph links, etc. to Pdf !

A Telegram Bot to convert http Links to PDF

Renjith Mangal 10 Oct 28, 2022