1/19/2020

How to find important information in github(with gitrob)

Today.. I write in "how to find important information in github(with gitrob)".
It's a very simple article, just introduction...



Install and Github AccessToken Setting

First, download with go get!

go get github.com/michenriksen/gitrob


And let's add go/bin in the rc file(.zshrf, .bashrc, etc...) for ease of use.

# ~/.zshrc

alias gitrob='your-go-path/bin/gitrob'


if you run this, need to github access token is required. This is essential because gitrob uses github api.

$ gitrob
No GitHub access token given. Please provide via command line option or in the GITROB_ACCESS_TOKEN environment variable.

Open github's settings and generate the access token.
https://github.com/settings/tokens



Token grants only read access to the repo because it requires only that privilege. (I don't need anything else.)
When the token is issued, it puts a value in the environment variable called GITROB_ACCESS_TOKEN. Also, this is easy to manage from rc file

export GITROB_ACCESS_TOKEN=your-github-access-token


All right, it's working!

$ gitrob
        _ __           __
  ___ _(_) /________  / /
 / _ `/ / __/ __/ _ \/ _ \
 \_, /_/\__/_/  \___/_.__/
/___/ by @michenriksen

gitrob v2.0.0-beta started at 2020-01-19T01:52:22+09:00
Loaded 91 signatures
Web interface available at http://127.0.0.1:9393
Please provide at least one GitHub organization or user

Usage

Gitrob arguments is options and organization names.
$ gitrob {org_name}


Options
Usage of /Users/hahwul/go/bin/gitrob:
  -bind-address string
     Address to bind web server to (default "127.0.0.1")
  -commit-depth int
     Number of repository commits to process (default 500)
  -debug
     Print debugging information
  -github-access-token string
     GitHub access token to use for API requests
  -load string
     Load session file
  -no-expand-orgs
     Don't add members to targets when processing organizations
  -port int
     Port to run web server on (default 9393)
  -save string
     Save session to file
  -silent
     Suppress all output except for errors
  -threads int
     Number of concurrent threads (default number of logical CPUs)


I can't tell you, but if you turn it around, you'll see this. Once scanning is complete, you can check the results on the web page. By default, it is http://localhost:9393



References

https://github.com/michenriksen/gitrob
https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line



HAHWUL

Security engineer, Rubyist, Gopher and H4cker!

Share: | Coffee Me: