Skip to content
/ TravisLeaks Public
forked from Shashank-In/TravisLeaks

A tool to find sensitive keys and passwords in Travis logs

0 stars 37 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

manarea/TravisLeaks

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
README.md
README.md
 
 
travisleak.py
travisleak.py
 
 
wordlist.txt
wordlist.txt
 
 

Repository files navigation

TravisLeaks 🚀

A tool to find sensitive keys and passwords in Travis logs

travis gif


Description

Read the Blog post here

Just enter the Travis user name of the organization. The script will automatically find out all jobs and then do two things:

  1. Look for ED's keywords for potential leaks
  2. Use the concept of entropy to find potential API keys in the logs

Requirements (using travisleak.py script)

Python 3.X
pip install requests

Usage

python travisleak.py travis_user_name


travis_exe_1


travis_exe2



Credits:-

The keywords for the potential leak was taken from ED's blog post here

The concept of entropy was adapted from here

Note

This tool still needs a lot of development. I would be glad if someone would like to contribute to this project.

Goals

  • Better output format
  • Support CircleCI scans

About

A tool to find sensitive keys and passwords in Travis logs

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%