Gitrob is an open source reconnaissance tool designed to identify potentially sensitive files that have been committed to public GitHub repositories. It helps security professionals, researchers, and organizations detect accidental data exposure by scanning repositories associated with specific GitHub users or organizations. The tool works by cloning repositories and analyzing their commit history to search for files that match predefined signatures of sensitive data. These signatures are used to flag items such as credentials, private keys, configuration files, and other materials that may expose confidential information. By automatically inspecting repository histories, Gitrob simplifies the process of identifying security risks that might otherwise remain unnoticed in publicly accessible codebases. The results of the scan are presented through a built-in web interface that allows users to browse findings, review flagged files, and analyze potential leaks more efficiently.

Features

  • Scans GitHub repositories belonging to users or organizations
  • Clones repositories and analyzes commit history for sensitive files
  • Uses signature-based detection to identify risky filenames and patterns
  • Displays results through a built-in web interface for easier analysis
  • Supports configurable commit depth to control how much history is scanned
  • Allows saving and loading scan sessions for later review or sharing

Project Samples

Gitrob Screenshot 1

Project Activity

See All Activity >

Categories

OSINT

License

MIT License

Follow Gitrob

Gitrob Web Site

Other Useful Business Software
Attack Surface Management | Criminal IP ASM Icon
Attack Surface Management | Criminal IP ASM

For security operations, threat-intelligence and risk teams wanting a tool to get access to auto-monitored assets exposed to attack surfaces

Criminal IP’s Attack Surface Management (ASM) is a threat-intelligence–driven platform that continuously discovers, inventories, and monitors every internet-connected asset associated with an organization, including shadow and forgotten resources, so teams see their true external footprint from an attacker’s perspective. The solution combines automated asset discovery with OSINT techniques, AI enrichment and advanced threat intelligence to surface exposed hosts, domains, cloud services, IoT endpoints and other Internet-facing vectors, capture evidence (screenshots and metadata), and correlate findings to known exploitability and attacker tradecraft. ASM prioritizes exposures by business context and risk, highlights vulnerable components and misconfigurations, and provides real-time alerts and dashboards to speed investigation and remediation.
Learn More
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of Gitrob!

Additional Project Details

Programming Language

Go, JavaScript, Unix Shell

Related Categories

Unix Shell OSINT Tool, JavaScript OSINT Tool, Go OSINT Tool

Registered

2026-03-06
Report inappropriate content