Categorygithub.com/gnomegl/gitslurp
modulepackage
1.3.4
Repository: https://github.com/gnomegl/gitslurp.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
13
Dependents
0
Files
652 SLOC

# README

gitslurp šŸ”

License: MIT Go Version

gitslurp logo
OSINT tool to analyze GitHub user's commit history across repositories

Features ā€¢ Installation ā€¢ Usage ā€¢ Docs ā€¢ Contributing

A powerful command-line tool that analyzes GitHub user activity and highlights their contributions across repositories. Perfect for developers, maintainers, and anyone interested in understanding contribution patterns on GitHub.

# Quick install
go install github.com/gnomegl/gitslurp@latest

# Basic usage
gitslurp soxoj

Features

  • šŸ” User-Centric Analysis: Search by GitHub username, email address or organization
  • šŸ“Š Comprehensive Commit History: View all commits made by a user across public repositories
  • šŸŽÆ Visual Highlighting: Easily identify target user's commits with color-coding and emojis
  • šŸ‘„ Multiple Identity Support: Detects and groups commits from different email addresses and names
  • šŸ½ Advanced Secret Detection: Powered by TruffleHog regex patterns for enterprise-grade secret detection
  • ā­ Interesting Patterns: Find URLs, UUIDs, IPs, and other interesting patterns in commit messages
  • šŸ“¦ Repository Context: Shows if commits are in user's own repositories or forks
  • šŸ¢ Organization Scanning: Scan entire organizations to identify employees and their commit patterns

Installation

go install github.com/gnomegl/gitslurp@latest

Usage

Basic usage:

gitslurp <username>

Search by email:

gitslurp [email protected]

With GitHub token (recommended for better rate limits):

gitslurp -t <github_token> <username>

Options

  • --token, -t: GitHub personal access token (can also be set via GITSLURP_GITHUB_TOKEN environment variable)
  • --details, -d: Show detailed commit information
  • --secrets, -s: Enable TruffleHog-powered secret detection in commits šŸ½
  • --interesting, -i: Show interesting findings like URLs, emails, and other patterns in commit messages
  • --all, -a: Show commits from all contributors in the target's repositories. This is useful for OSINT investigations to discover potential alternate accounts when users accidentally commit with different identities. Note: This flag is automatically enabled when scanning organizations.

Output Format

The tool provides a clear, color-coded output:

  • šŸ“ Target user's emails are marked and highlighted
  • ā­ Target user's commits are highlighted
  • šŸ‘¤ Author information is clearly displayed
  • šŸ“‚ Repository names are organized and highlighted

Example output:

šŸ“ [email protected] (Target User)
  Names used: John, John Doe
  Total Commits: 150
  šŸ“‚ Repo: example/project
    ā­ Commit: abc123
    šŸ”— URL: https://github.com/example/project/commit/abc123
    šŸ‘¤ Author: John Doe <[email protected]>

Authentication

For better rate limits and access to private repositories, use a GitHub personal access token:

  1. Create a token at https://github.com/settings/tokens
  2. Use the -t flag or set the GITSLURP_GITHUB_TOKEN environment variable

Development

Requirements:

  • Go 1.21 or higher
  • GitHub API access (token recommended)

Build from source:

git clone https://github.com/gnomegl/gitslurp.git
cd gitslurp
go build

License

MIT License - see LICENSE file for details