Locked Token-Hunter v1.1.0 - Collect OSINT for GitLab groups and members

By itsMe
January 6, 2021 in Pentesting

Followers 0

Start new topic

Recommended Posts

itsMe

Posted January 6, 2021

- Share

Posted January 6, 2021

This is the hidden content, please

Token-Hunter
Collect OSINT for GitLab groups and members and search the group and group members’ snippets, issues, and issue discussions for sensitive data that may be included in these assets. The information gathered is intended to compliment and inform the use of additional tools such as TruffleHog or GitRob, which search git commit history using a similar technique of regular expression matching.

How the tool works
Start by providing a group ID for a specific group on GitLab. You can find the group ID underneath the group name in the GitLab UI. Token-Hunter will use the GitLab group ID to find all associated projects for that group and, optionally, the groups members personal projects. Configure the tool to look for sensitive data in assets related to the projects it finds. Token-Hunter uses the same set of regular expressions as TruffleHog with a few additions for GitLab specific tokens. Token-Hunter depends on these easily configurable regular expressions for accuracy and effectiveness. Currently, the tool supports GitLab snippets, issues, and issue discussions with plans for future expansion to other assets. The tool is intended to be very configurable to allow for efficient discovery of sensitive data in the assets you’re specifically interested in.

This is the hidden content, please

Link to comment

Share on other sites

This topic is now closed to further replies.

Followers 0

Go to topic listing

Similar Content
- SharpOD x64 (A_AntiDebug Plugin. Support for x64dbg)
  
  By itsMe, December 5, 2021
  - for
  - support
  - (and 5 more)
    
    Tagged with:
    
    for
    
    support
    
    plugin.
    
    (a_antidebug
    
    x64
    
    sharpod
    
    x64dbg)
  - 0 replies
  - 1,642 views
- How to sniff API of android aps For making configs
  
  By itsMe, May 20, 2021
  - making
  - for
  - (and 6 more)
    
    Tagged with:
    
    making
    
    for
    
    aps
    
    android
    
    api
    
    sniff
    
    how
    
    configs
  - 0 replies
  - 243 views
- How To Make Simple APP Config(API) In OPENBULLET Using Fiddler
  
  By itsMe, March 24, 2023
  - easiest
  - configs
  - (and 8 more)
    
    Tagged with:
    
    easiest
    
    configs
    
    openbullet
    
    api
    
    android
    
    making
    
    for
    
    setup
    
    how
    
    method
  - 0 replies
  - 495 views
- OpenAI Davinci v1.7 - AI Writing Assistant and Content Creator as SaaS - Nulled
  
  By itsMe, April 28, 2023
  - nulled
  - saas
  - (and 8 more)
    
    Tagged with:
    
    nulled
    
    saas
    
    creator
    
    content
    
    and
    
    assistant
    
    writing
    
    v1.7
    
    davinci
    
    openai
  - 0 replies
  - 441 views
- TweakNow WinSecret Plus! for Windows 11 and 10 4.6.0
  
  By itsMe, April 27, 2023
  - tweaknow
  - winsecret
  - (and 5 more)
    
    Tagged with:
    
    tweaknow
    
    winsecret
    
    plus!
    
    for
    
    windows
    
    and
    
    4.6.0
  - 0 replies
  - 280 views

Sign In

Locked Token-Hunter v1.1.0 - Collect OSINT for GitLab groups and members

Recommended Posts

itsMe

Link to comment

Share on other sites

Similar Content

SharpOD x64 (A_AntiDebug Plugin. Support for x64dbg)

How to sniff API of android aps For making configs

How To Make Simple APP Config(API) In OPENBULLET Using Fiddler

OpenAI Davinci v1.7 - AI Writing Assistant and Content Creator as SaaS - Nulled

TweakNow WinSecret Plus! for Windows 11 and 10 4.6.0

Browse

Activity

Store

Important Information