legal contact rss

Checking GitHUB for disclosed information that shall be removed quickly

To check my own repositories for information that should not be publically available, I found the trufflehog very usefull.

docker run -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest git --org "[Org-Name]" --directory="/data/trufflehog/" --only-verified -j

While it exports the results as JSON, the import into Splunk for comprehensive reporting is quite a peace of cake.

index=tgmon sourcetype=trufflehog
| dedup DetectorName Redacted Raw
| rename AS Link
| fillnull value="n.a."
| stats count by Verified DetectorName Redacted Link SourceMetadata.Data.Github.timestamp