Investigate GitHub

Description

GitFive is an OSINT tool to investigate GitHub profiles.

Main features :

  • Usernames / names history
  • Usernames / names variations
  • Email address to GitHub account
  • Find GitHub’s accounts from a list of email addresses
  • Lists identities used by the target
  • Clones and analyze every target’s repos
  • Highlights emails tied to GitHub’s target account
  • Finds local identities (UPNs, ex : [email protected])
  • Finds potential secondary GitHub accounts
  • Don’t need repos to work (but better)
  • Generates every possible email address combinations and looks for matchs
  • Dumps SSH public keys
  • JSON export

Optimizations :

  • Very low API consumption, stays under the rate-limit
  • Multi-processing tasks (bypassing Python’s GIL)
  • Async scraping

Workflow

Click here for a full view

 

Requirements

  • Git
  • Python >= 3.10

Installation

$ pip3 install pipx
$ pipx ensurepath
$ pipx install gitfive

It will automatically use venvs to avoid dependency conflicts with other projects.

Usage

First, login to GitHub (preferably with a secondary account) :

$ gitfive login

Then, profit :

usage: gitfive [-h] {login,user,email,emails,light} ...

positional arguments:
  {login,user,email,emails,light}
    login               Let GitFive authenticate to GitHub.
    user                Track down a GitHub user by its username.
    email               Track down a GitHub user by its email address.
    emails              Find GitHub usernames of a given list of email addresses.
    light               Quickly find emails addresses from a GitHub username.

options:
  -h, --help            show this help message and exit

PS : plz avoid testing on torvalds or other authors of repos with 1 million commits

📄 You can also use –json with user and email modules to export in JSON ! Example :

$ gitfive user mxrch --json mxrch_data.json

Have fun 🥰💞

Video demo

 2022-10-06.00-22-32.mp4 

Obvious disclaimer

This tool is for educational purposes only, I am not responsible for its use.

Less obvious disclaimer

The use of this tool in an automated paid service / software is strictly forbidden without my personal agreement.
Please use it only in personal, criminal investigations, or open-source projects.

Subscribe to our channel and do not miss new collections of tools in various areas of Information Security.

  Posted by: @ESPYER

Facebook
Twitter
LinkedIn
HR_person_going_through_employee_applications_to_hire

osint background check – ‏How do companies use open source intelligence to perform background checks?

Companies use open source intelligence (OSINT) to perform background checks as it offers a cost-effective and efficient way to gather information about individuals from publicly available sources. OSINT allows companies to evaluate potential employees based on various criteria, ensuring they are a suitable fit for the organization.

In this article we’ll review some key areas companies care about the most and weigh as significant when performing background checks using OSINT.

Read More »
osint telegram chatbots help privet investigators

In today’s world, information is power

Telegram OSINT bots have become increasingly popular among private investigators, journalists, and other professionals who conduct OSINT investigations on the platform. These bots can quickly gather valuable information about users, group members, and their interactions, which can help investigators build a more complete picture of an individual or group’s activities. However, it’s important to note that the use of these bots is not limited to law enforcement or private investigators, and that other OSINT tools and techniques can also be used to gather information on the platform. Furthermore, it’s crucial to use these tools ethically and responsibly, and to ensure that the information gathered is accurate and reliable. Overall, the use of Telegram OSINT bots and other OSINT tools can be a valuable resource for professionals in a wide range of fields who need to gather information about individuals or groups on the platform.

Read More »
What to Expect from Username Search Engine OSINT

Top Username Search Engines

If you’re looking for a username search engine, look no further. In this article, we’ll explore the top username search engines available online and how they can help you find valuable information about a person or organization.

Read More »
Telegram User ID Lookup How_to_Find_Telegram_Users_Uniqu.png

Telegram OSINT: The Ultimate Guide to Unveiling Insights Beyond What Meets the Eye

Telegram is a widely popular messaging app with over 500 million active users. It is known for its end-to-end encryption, self-destructing messages, and robust privacy features. However, what most people don’t know is that Telegram is also a goldmine for open-source intelligence (OSINT) analysts, investigators, and researchers.

Telegram OSINT is the practice of using publicly available information on Telegram to gather intelligence about individuals, groups, organizations, and events. This information can include usernames, group/channel memberships, chat histories, and even location data. With the right tools and techniques, Telegram OSINT can reveal a wealth of information that is not easily obtainable through other means.

Read More »
How OSINT Can Give Your Business a Competitive Edge

How OSINT Can Give Your Business a Competitive Edge

Using OSINT for Competitive Intelligence:

OSINT can help your business keep track of what your competitors are doing, and adjust your strategies accordingly. By monitoring your competitors’ social media accounts, online reviews, and customer feedback, you can gather valuable insights into their strengths and weaknesses. This information can be used to improve your own products or services and stand out from the competition. Additionally, OSINT can be used to identify new entrants in your market, and to track mergers and acquisitions that could impact your business.

Read More »