Checking GitHUB for disclosed information that shall be removed quickly
To check my own repositories for information that should not be publically available, I found the trufflehog very usefull.
docker run -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest git --org "[Org-Name]" --directory="/data/trufflehog/" --only-verified -j
While it exports the results as JSON, the import into Splunk for comprehensive reporting is quite a peace of cake.
index=tgmon sourcetype=trufflehog
| dedup DetectorName Redacted Raw
| rename SourceMetadata.Data.Github.link AS Link
| fillnull value="n.a."
| stats count by Verified DetectorName Redacted Link SourceMetadata.Data.Github.timestamp
