-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Github API Integration
To enable Github API integration via Sn1per, you must create your Github API token by going here: https://github.com/settings/tokens. If you already have a Github API token, you will need to update /root/.sniper_api_keys.conf with the following value:
GITHUB_API_KEY="_____ENTER YOUR API KEY HERE_____"
Next, add the following value to your /root/.sniper.conf file:
GITHUB_SUBDOMAINS="1"
You can then run "recon" mode to pull all discovered sub-domains from Github (ie. sniper -t website.com -m stealth -re -w website.com).
If you want to enable automated Github leak searches, you need to edit your /usr/share/sniper/plugins/gitGraber/config.py file with your API tokens for Github/Slack/Telegram, etc.
GITHUB_TOKENS = ['_____ENTER YOUR API KEY HERE_____']
GITHUB_URL_FILE = 'rawGitUrls.txt'
GITHUB_API_URL = 'https://api.github.com/search/code?q='
GITHUB_API_COMMIT_URL = 'https://api.github.com/repos/'
GITHUB_SEARCH_PARAMS = '&sort=indexed&o=desc'
GITHUB_BASE_URL = 'https://github.com'
GITHUB_MAX_RETRY = 10
SLACK_WEBHOOKURL = 'https://hooks.slack.com/services/___YOUR CUSTOM WEBHOOK URL HERE___'
TELEGRAM_CONFIG = {
"token": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"chat_id": -999999999999999
}
You can then run "OSINT" mode to search for sensitive info on Github (ie. sniper -t website.com -m stealth -o -w website.com).