RealGalaxyCat/env-finder

 
 

EnvFinder

EnvFinder is a security research tool that helps identify accidentally exposed configuration files (.env files) in public GitHub repositories to support responsible disclosure and defensive analysis.


Todo

  • Replace logging system with the stdlib logging module
  • Improve log messages
  • Implement logic to filter out known default .env files using hash blacklist
  • Add more hashes for default .env files
  • Add type hints in github.py
  • Handle unsuccessful responses in github.py
  • Add retry logic for failed requests
  • Catch SSL errors
  • Extend statistics for errors (like error type; SSLError, 4xx/5xx status code)
  • Rename 'url' to 'file_url' when logging to hits.json file
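
The hash-blacklist item above, sketched as an added example (not code from this repository): files are normalized before hashing so that a line-ending or comment change in an untouched framework template does not defeat the filter. The function names, the `file_url` key and the template content are assumptions constructed for illustration.

```python
import hashlib

# Constructed sample of a framework-style default .env template
# (illustrative only, not a hash list shipped by the project).
DEFAULT_TEMPLATE = "APP_NAME=Example\nAPP_ENV=local\nAPP_KEY=\nDB_PASSWORD=\n"


def normalize(content: bytes) -> bytes:
    """Canonicalize a .env file: drop the BOM, unify line endings,
    trim whitespace, and discard blank lines and comments."""
    text = content.decode("utf-8", errors="replace").lstrip("\ufeff")
    text = text.replace("\r\n", "\n").replace("\r", "\n")
    kept = []
    for raw in text.split("\n"):
        line = raw.strip()
        if line and not line.startswith("#"):
            kept.append(line)
    return "\n".join(kept).encode("utf-8")


def fingerprint(content: bytes) -> str:
    """SHA-256 over the normalized content."""
    return hashlib.sha256(normalize(content)).hexdigest()


# Blacklist of fingerprints for known default files.
KNOWN_DEFAULT_HASHES = frozenset({fingerprint(DEFAULT_TEMPLATE.encode("utf-8"))})


def is_known_default(content: bytes) -> bool:
    return fingerprint(content) in KNOWN_DEFAULT_HASHES


def filter_hits(hits):
    """Keep only hits whose content is not a known default template.
    `hits` is an iterable of (file_url, content_bytes) pairs."""
    return [(url, body) for url, body in hits if not is_known_default(body)]


if __name__ == "__main__":
    # Constructed inputs: a reformatted copy of the template and an edited one.
    reformatted = b"\xef\xbb\xbf# local\r\nAPP_NAME=Example\r\nAPP_ENV=local \r\nAPP_KEY=\r\nDB_PASSWORD=\r\n"
    edited = b"APP_NAME=Example\nAPP_ENV=local\nAPP_KEY=\nDB_PASSWORD=constructed-value\n"
    kept = filter_hits([("https://example.invalid/a", reformatted),
                        ("https://example.invalid/b", edited)])
    print([url for url, _ in kept])
```

Exact-hash matching is deliberate here: a template with even one value changed no longer matches and stays in the results for manual review.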

Responsible Use

This tool is intended for ethical security research and defensive analysis only.

Users are responsible for complying with:

  • GitHub Terms of Service
  • Applicable laws and regulations
  • Responsible disclosure practices

Do not use this tool to access systems without authorization.

About

Finds sensitive data like .env files on GitHub

Releases

No releases published

Languages

  • Python 98.2%
  • Dockerfile 1.3%
  • PowerShell 0.5%