mirror of
https://github.com/bellingcat/octosuite.git
synced 2026-06-10 12:28:37 +03:00
Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
8364053f97 | ||
|
|
1f288d503f | ||
|
|
57911bd68f | ||
|
|
264048e4bf | ||
|
|
671fbdcaa4 | ||
|
|
5fc5af4157 | ||
|
|
8bc799c829 | ||
|
|
85cadefd50 |
13
README.md
13
README.md
@@ -10,15 +10,11 @@ A framework for gathering open-source intelligence on GitHub users, repositories
|
||||
|
||||
|
||||
|
||||
> About
|
||||
|
||||
|
||||
|
||||
> User profile
|
||||
|
||||
|
||||
> Organisation profile
|
||||
|
||||
|
||||
|
||||
|
||||
# Wiki
|
||||
[Refer to the Wiki](https://github.com/bellingcat/octosuite/wiki) for installation instructions, in addition to all other documentation.
|
||||
@@ -56,6 +52,7 @@ A framework for gathering open-source intelligence on GitHub users, repositories
|
||||
- [x] All the above can be used with command-line arguments (PyPI Package only)
|
||||
- [x] ...And more
|
||||
|
||||
|
||||
## Note
|
||||
> Octosuite automatically logs network and user activity of each session, the logs are saved by date and time in the .logs folder
|
||||
|
||||
@@ -63,6 +60,10 @@ A framework for gathering open-source intelligence on GitHub users, repositories
|
||||
# License
|
||||
|
||||
|
||||
# Credits
|
||||
* The code used for finding emails from usernames is taken from [Somdev Sangwan](https://github.com/s0md3v)'s [Zen](https://github.com/s0md3v/zen)
|
||||
|
||||
|
||||
# Donations
|
||||
If you like OctoSuite and would like to show support, you can Buy A Coffee for the developer using the button below
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ from octosuite.config import red, white, green, reset, Tree
|
||||
|
||||
# banner.py
|
||||
# This file holds the program's banner and version tag
|
||||
version_tag = "3.0.4"
|
||||
version_tag = "3.1.0"
|
||||
|
||||
|
||||
def banner():
|
||||
|
||||
@@ -124,7 +124,7 @@ def usage():
|
||||
|
||||
def create_parser():
|
||||
parser = argparse.ArgumentParser(description='OCTOSUITE: Advanced GitHub osint framework — by Richard Mwewa | https://about.me/rly0nheart', usage=usage())
|
||||
parser.add_argument('-m', '--method', help='method', choices=['user_profile', 'user_repos', 'user_gists', 'user_orgs', 'user_events',
|
||||
parser.add_argument('-m', '--method', help='method', choices=['user_email', 'user_profile', 'user_repos', 'user_gists', 'user_orgs', 'user_events',
|
||||
'user_subscriptions', 'user_following', 'user_followers', 'user_follows',
|
||||
'org_profile', 'org_repos', 'org_events', 'org_member',
|
||||
'repo_profile', 'repo_contributors', 'repo_stargazers', 'repo_forks',
|
||||
|
||||
@@ -67,6 +67,7 @@ def user_command():
|
||||
user_cmd_table = Table(show_header=True, header_style=header_title)
|
||||
user_cmd_table.add_column("Command", style="dim")
|
||||
user_cmd_table.add_column("Description")
|
||||
user_cmd_table.add_row("email", "Return a target's email")
|
||||
user_cmd_table.add_row("profile", "Get a target's profile info")
|
||||
user_cmd_table.add_row("gists", "Return a users's gists")
|
||||
user_cmd_table.add_row("org", "Return organizations that a target belongs to/owns")
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
#!usr/bin/python
|
||||
|
||||
import re
|
||||
import os
|
||||
import sys
|
||||
import shutil
|
||||
@@ -9,6 +10,7 @@ import requests
|
||||
import platform
|
||||
import subprocess
|
||||
from datetime import datetime
|
||||
from requests.auth import HTTPBasicAuth
|
||||
from octosuite.banner import version_tag, banner
|
||||
from octosuite.config import Tree, Text, Table, Prompt, Confirm, xprint, create_parser, args, red, white, green, yellow, header_title, reset
|
||||
from octosuite.message_prefixes import ERROR, WARNING, PROMPT, POSITIVE, NEGATIVE, INFO # wondering why I name all the variables instead of just using the * wildcard?, because it's the pythonic way lol
|
||||
@@ -29,7 +31,7 @@ if os.name == "nt":
|
||||
try:
|
||||
from pyreadline3 import Readline
|
||||
except ImportError:
|
||||
subprocess.run(['pip3', 'install', 'pyreadline3'])
|
||||
subprocess.run(['pip3', 'install', 'pyreadline3'], shell=False)
|
||||
readline = Readline()
|
||||
else:
|
||||
import readline
|
||||
@@ -199,7 +201,7 @@ An advanced and lightning fast framework for gathering open-source intelligence
|
||||
|
||||
|
||||
Whats new in v{version_tag}?
|
||||
[{green}FIXED{reset}] Merged pull request from #9: bad indentation leading to reference before assignment error #9
|
||||
[{green}IMPROVED{reset}] Added a subcommand to the 'user' commands, that will be used to get a user's email 'user:email' (CLI only)
|
||||
|
||||
Read the wiki: https://github.com/bellingcat/octosuite/wiki
|
||||
GitHub REST API documentation: https://docs.github.com/rest
|
||||
@@ -207,6 +209,22 @@ GitHub REST API documentation: https://docs.github.com/rest
|
||||
xprint(about_text)
|
||||
|
||||
|
||||
def get_email_from_contributor(username, repo, contributor):
|
||||
response = requests.get(f"https://github.com/{username}/{repo}/commits?author={contributor}",
|
||||
auth=HTTPBasicAuth(username, '')).text
|
||||
latest_commit = re.search(rf'href="/{username}/{repo}/commit/(.*?)"', response)
|
||||
if latest_commit:
|
||||
latest_commit = latest_commit.group(1)
|
||||
else:
|
||||
latest_commit = 'dummy'
|
||||
commit_details = requests.get(f"https://github.com/{username}/{repo}/commit/{latest_commit}.patch",
|
||||
auth=HTTPBasicAuth(username, '')).text
|
||||
email = re.search(r'<(.*)>', commit_details)
|
||||
if email:
|
||||
email = email.group(1)
|
||||
return email
|
||||
|
||||
|
||||
class Octosuite:
|
||||
def __init__(self):
|
||||
# API endpoint
|
||||
@@ -243,6 +261,7 @@ class Octosuite:
|
||||
("repo:issues", self.repo_issues),
|
||||
("repo:releases", self.repo_releases),
|
||||
("user", user),
|
||||
("user:email", self.get_user_email),
|
||||
("user:repos", self.user_repos),
|
||||
("user:gists", self.user_gists),
|
||||
("user:orgs", self.user_orgs),
|
||||
@@ -271,6 +290,7 @@ class Octosuite:
|
||||
|
||||
# Arguments map will be used to run Octosuite with argparse
|
||||
self.argument_map = [("user_profile", self.user_profile),
|
||||
("user_email", self.get_user_email),
|
||||
("user_repos", self.user_repos),
|
||||
("user_gists", self.user_gists),
|
||||
("user_orgs", self.user_orgs),
|
||||
@@ -510,6 +530,28 @@ class Octosuite:
|
||||
'About.me': 'https://about.me/rly0nheart',
|
||||
'Buy Me A Coffee': 'https://buymeacoffee.com/189381184'}
|
||||
|
||||
def get_repos_from_username(self, username):
|
||||
response = requests.get(f"{self.endpoint}/users/{username}/repos?per_page=100&sort=pushed",
|
||||
auth=HTTPBasicAuth(username, '')).text
|
||||
repositories = re.findall(rf'"full_name":"{username}/(.*?)",.*?"fork":(.*?),', response)
|
||||
unforked_repos = []
|
||||
for repository in repositories:
|
||||
if repository[1] == 'false':
|
||||
unforked_repos.append(repository[0])
|
||||
return unforked_repos
|
||||
|
||||
def get_user_email(self):
|
||||
if args.username:
|
||||
username = args.username
|
||||
else:
|
||||
username = Prompt.ask(f"{white}@{green}Username{reset}")
|
||||
repos = self.get_repos_from_username(username)
|
||||
for repo in repos:
|
||||
email = get_email_from_contributor(username, repo, username)
|
||||
if email:
|
||||
xprint(f"{username}: {email}")
|
||||
break
|
||||
|
||||
# Fetching organization info
|
||||
def org_profile(self):
|
||||
if args.organization:
|
||||
|
||||
Reference in New Issue
Block a user