Source | Darknet - The Darkside
Identifier | 2289172
Publication date | 2021-02-03 13:13:35 (viewed: 2021-02-03 14:06:14)
Title | GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
Text |
GitLab Watchman is an application that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally – this includes code, commits, wiki pages and more.
GitLab Watchman searches GitLab for internally shared projects and looks at:
Code
Commits
Wiki pages
Issues
Merge requests
Milestones
For the following data:
GCP keys and service account files
AWS keys
Azure keys and service account files
Google API keys
Slack API tokens & webhooks
Private keys (SSH, PGP, any other misc private key)
Exposed tokens (Bearer tokens, access tokens, client_secret etc.)
S3 config files
Passwords in plaintext
CICD variables exposed publicly
and more
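As an added example (not part of the Darknet article or of GitLab Watchman's own code), this is the kind of pattern matching such a tool relies on for several of the data types listed above, run over a constructed CI config. The regexes are assumptions chosen for illustration, and every sample value is fabricated.

```python
import re

# Illustrative regexes for a few of the secret types the article lists; they are
# assumptions for this example, not GitLab Watchman's own detection rules.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z_-]{35}\b"),
    "slack_token": re.compile(r"\bxox[abprs]-[0-9A-Za-z-]{10,}"),
    "slack_webhook": re.compile(
        r"https://hooks\.slack\.com/services/T[0-9A-Za-z]+/B[0-9A-Za-z]+/[0-9A-Za-z]+"),
    "bearer_token": re.compile(r"\bBearer\s+[A-Za-z0-9._~+/-]{20,}=*", re.IGNORECASE),
    "private_key": re.compile(
        r"-----BEGIN (?:RSA |EC |DSA |OPENSSH |PGP )?PRIVATE KEY(?: BLOCK)?-----"),
}

def redact(value):
    """Keep a short prefix/suffix so the report itself never re-exposes the secret."""
    return "***" if len(value) <= 8 else value[:4] + "..." + value[-4:]

def scan_text(text, source="<memory>"):
    """One finding per match: where it was, what kind, and a redacted excerpt."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in SECRET_PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append({"source": source, "line": lineno,
                                 "type": kind, "match": redact(match.group(0))})
    return findings

# Constructed sample: a CI config plus a stray key file. No real credentials.
SAMPLE_BLOB = "\n".join([
    "variables:",
    "  AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE",
    "  GOOGLE_API_KEY: AIza" + "0" * 35,
    "  SLACK_WEBHOOK: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX",
    "deploy:",
    '  script: curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.constructed.sample" https://example.invalid/',
    "-----BEGIN RSA PRIVATE KEY-----",
    "MIIEowIBAAKCAQEAconstructed",
    "-----END RSA PRIVATE KEY-----",
])

if __name__ == "__main__":
    for f in scan_text(SAMPLE_BLOB, source="ci.yml"):
        print(f"{f['source']}:{f['line']} {f['type']} {f['match']}")
```

The redaction step matters in practice: a scanner's output is itself a new copy of the secret unless it is masked before being written to a file or a chat channel.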
Using GitLab Watchman to Audit Gitlab For Sensitive Data
GitLab Watchman is installed as a global command; use it as follows:
usage: gitlab-watchman [-h] --timeframe {d,w,m,a} --output
{file,stdout,stream} [--version] [--all] [--blobs]
[--commits] [--wiki-blobs] [--issues] [--merge-requests]
[--milestones] [--comments]
Monitoring GitLab for sensitive data shared publicly
optional arguments:
-h, --help show this help message and exit
--version show program's version number and exit
--all Find everything
--blobs Search code blobs
--commits Search commits
--wiki-blobs Search wiki blobs
--issues Search issues
--merge-requests Search merge requests
--milestones Search milestones
--comments Search comments
required arguments:
--timeframe {d,w,m,a}
How far back to search: d = 24 hours w = 7 days, m =
30 days, a = all time
--output {file,stdout,stream}
Where to send results
You can run GitLab Watchman to look for everything and send the output to the default, stdout:
gitlab-watchman --timeframe a --all
Or arguments can be grouped together to search more granularly.