OSINT Tool: Commit Stream

Reading Time: 4 Minutes

OSINT Tool: Commit Stream

GitHub Link

Commit Stream

Commit-Stream by x1sec drinks commit logs from the GitHub event firehose exposing the author details (name and email address) associated with GitHub repositories in real time. This tool is an Open-source intelligence tool aimed to perform significant recon for Red Teams, Pentesters and Bug Bounty hunters.

Source code review is one of the most important aspects and often a lot of mistakes usually from developers are found, resulting in revealing secret keys hardcoded into JavaScript’s, or source codes hosted on Platform like GitHub, which hosts a lot of major code for top companies globally.

Features

• Uncover repositories which employees of a target company is committing code (filter by email domain)
• Identify repositories belonging to an individual (filter by author name)
• Chain with other tools such as trufflehog to extract secrets in uncovered repositories.

See Also: Beijing Olympics App Flaws Allow Man-in-the-Middle Attacks

See Also: Complete Offensive Security and Ethical Hacking Course

Installation

Binaries

Compiled 64-bit executable files for Windows, Mac and Linux are available here

Go get

If you would prefer to build yourself (and Go is setup correctly):

go get -u github.com/x1sec/commit-stream

Building from source

go get && go build

See Also: Hacking stories – Rafael Núñez (aka RaFa), hacking NASA with the hacking group: World of Hell

Usage

Usage:
  commit-stream [OPTIONS]

Options:
  -e, --email        Match email addresses field (specify multiple with comma). Omit to match all.
  -n, --name         Match author name field (specify multiple with comma). Omit to match all.
  -t, --token        Github token (if not specified, will use environment variable 'CSTREAM_TOKEN')
  -a  --all-commits  Search through previous commit history (default: false)
  -i  --ignore-priv  Ignore noreply.github.com private email addresses (default: false)   

commit-stream requires a Github personal access token to be used. You can generate a token navigating in Github [Settings / Developer Settings / Personal Access Tokens] then selecting ‘Generate new token’. Nothing here needs to be selected, just enter the name of the token and click generate.

Once the token has been created, the recommended method is to set it via an environment variable CSTREAM_TOKEN:

export CSTREAM_TOKEN=xxxxxxxxxx

Alternatively, the –token switch maybe used when invoking the program, e.g:

./commit-stream –token xxxxxxxxxx

When running commit-stream with no options, it will immediately dump author details and the associated repositories in CSV format to the terminal. Filtering options are available.

To filter by email domain:

./commit-stream –email ‘@company.com’

To filter by author name:

./commit-stream –name ‘John Smith’

Multiple keywords can be specified with a , character. e.g.

./commit-stream –email ‘@telsa.com,@ford.com’

It is possible to search up to 20 previous commits for the filter keywords by specifying –all-commits. This may increase the likelihood of a positive matches.

Email addresses that have been set to private (@users.noreply.github.com) can be omitted by specifying –ignore-priv. This is useful to reduce the volume of data collected if running the tool for an extended period of time.