noob6t5/giturl-scanner

giturl-scanner

This tool goes through all public (non-archived) repos of any GitHub org, clones them, and extracts every URL and package dependency. Inspired by a similar tool by Arshad Kazmi, github-scanner-local.


⚡ What It Does

  • 🔎 Clones all non-archived repos from a GitHub org using the API, and also works on local folders
  • 🕵️ Extracts URLs from code, docs, configs, HTML, JSON, etc.
  • ⚔️ Validates URLs using httpx
  • 📦 Extracts packages (npm, pypi, gem, go)
  • 💀 Flags broken links + potentially hijackable packages
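
The extraction steps listed above, as an added sketch for auditing your own repos; this is not the code in finder.py. It covers only package.json and requirements.txt, works on a path-to-text mapping instead of a clone, and every name in it (`scan_repo`, `SAMPLE_REPO`, the example hosts) is an assumption made for illustration.

```python
import json
import re
from pathlib import PurePosixPath

# Stop at whitespace, quotes and brackets so Markdown/JSON punctuation is not captured.
URL_RE = re.compile(r"https?://[^\s\"'<>()\[\]{}`]+")
# Leading name on a requirements.txt line, before extras, version pins or markers.
REQ_NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")
# Constructed sample repo (relative path -> text); hosts and packages are placeholders.
SAMPLE_REPO = {
    "README.md": "Docs: [site](https://docs.example.com/start). See http://old.example.org/x, too.\n",
    "package.json": '{"dependencies": {"left-pad": "^1.3.0"}, "homepage": "https://example.com"}',
    "requirements.txt": "Requests>=2.31  # http client\n-r dev.txt\ngit+https://git.example.net/lib.git\n",
    ".git/config": "url = https://git.example.net/internal.git\n",
}

def extract_urls(text):
    """Unique URLs in text, with trailing sentence punctuation trimmed."""
    return {m.group(0).rstrip(".,;:!?") for m in URL_RE.finditer(text)}

def extract_packages(name, text):
    """(ecosystem, package) pairs declared in a package.json or requirements.txt."""
    found = set()
    if name == "package.json":
        try:
            manifest = json.loads(text)
        except json.JSONDecodeError:
            return found  # malformed manifest: skip it, keep scanning
        if isinstance(manifest, dict):
            for section in ("dependencies", "devDependencies"):
                found.update(("npm", dep) for dep in manifest.get(section) or {})
    elif name == "requirements.txt":
        for line in text.splitlines():
            line = line.split("#", 1)[0].strip()
            match = None if "://" in line else REQ_NAME_RE.match(line)
            if match:  # blanks, "-r" includes and direct-URL requirements yield no name
                found.add(("pypi", match.group(0).lower()))
    return found

def scan_repo(files):
    """Scan a {relative path: text} mapping, skipping anything under .git."""
    urls, packages = set(), set()
    for rel, text in files.items():
        parts = PurePosixPath(rel).parts
        if ".git" not in parts:
            urls |= extract_urls(text)
            packages |= extract_packages(parts[-1], text)
    return sorted(urls), sorted(packages)
```

Calling `scan_repo(SAMPLE_REPO)` returns the sorted URL list and the sorted (ecosystem, package) list; the results can then be fed to a link checker or compared against the registries by hand.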

🛠 Requirements

  • Python 3.x

  • httpx Go tool in your $PATH

  • Optional: GH_TOKEN set for higher GitHub API limits

🚀 Usage

export GH_TOKEN=gh_yourtoken

git clone https://github.com/noob6t5/giturl-scanner.git

cd giturl-scanner

python3 finder.py -o <github-org-name>

python3 finder.py -f folder_here

TODO

  • Scan secrets in cloned repo using TruffleHog and Gitleaks
  • Add requirements.txt
  • Adjust exporting GitHub token safely
  • Configure with Confused for dependency confusion
  • Separate Username and Check for Takeover by 404 status code

About

A tool to grab all URLs from GitHub repos using the org name, especially for red teaming
