gitscan

command module
v0.0.0-...-b2b3290 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 28, 2017 License: MIT Imports: 12 Imported by: 0

README

Git Scan

A tool to scan git repositories for vulnerabilities.

Checks

  • Suspicious file names, based on Gitrob
  • High entropy strings

Installation

First initialize a PostgreSQL database with database.sql

Install gitscan

$ go get -v github.com/ardaxi/gitscan

Usage

Grab a personal access token from Gitlab. See the Gitlab documentation for more information.

If the database is not on the same host or needs a username/password, see connection string parameters to create a DSN.

Then, start gitscan and let it run:

$ gitscan -token $ACCESS_TOKEN -dsn "dbname=gitscan"

To see the results, start gitscan in server mode:

$ gitscan -server -dsn "dbname=gitscan"

This will start a local server on port 8000 which you can reach over HTTP to provide your token and see results.

Documentation

The Go Gopher

There is no documentation for this package.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL