Skip to content

Releases: PaperMtn/github-watchman

GitHub Watchman 1.0.1

14 Nov 17:02
@PaperMtn PaperMtn
1.0.1
3d93ad0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
GitHub Watchman 1.0.1 Latest
Latest

1.0.1 - 2020-11-14

Fixed

  • Retry added for occasional Requests HTTPSConnectionPool error
Assets 3
Loading

GitHub Watchman 1.0.0

01 Oct 17:33
@PaperMtn PaperMtn
1.0.0
e74159b
Compare
Choose a tag to compare
GitHub Watchman 1.0.0

Initial Release

GitHub Watchman is an application that uses the GitHub API to audit GitHub for sensitive data and credentials exposed internally.

Features

It searches GitHub for internally shared projects and looks at:

  • Code
  • Commits
  • Issues
  • Repositories

For the following data:

  • GCP keys and service account files
  • AWS keys
  • Azure keys and service account files
  • Google API keys
  • Slack API tokens & webhooks
  • Private keys (SSH, PGP, any other misc private key)
  • Exposed tokens (Bearer tokens, access tokens, client_secret etc.)
  • S3 config files
  • Passwords in plaintext
  • and more

Time based searching

You can run GitHub Watchman to look for results going back as far as:

  • 24 hours
  • 7 days
  • 30 days
  • All time

This means after one deep scan, you can schedule GitHub Watchman to run regularly and only return results from your chosen timeframe.

Assets 3
Loading