Get Started

Investigate GitHub

Description

GitFive is an OSINT tool to investigate GitHub profiles.

Main features :

  • Usernames / names history
  • Usernames / names variations
  • Email address to GitHub account
  • Find GitHub’s accounts from a list of email addresses
  • Lists identities used by the target
  • Clones and analyze every target’s repos
  • Highlights emails tied to GitHub’s target account
  • Finds local identities (UPNs, ex : [email protected])
  • Finds potential secondary GitHub accounts
  • Don’t need repos to work (but better)
  • Generates every possible email address combinations and looks for matchs
  • Dumps SSH public keys
  • JSON export

Optimizations :

  • Very low API consumption, stays under the rate-limit
  • Multi-processing tasks (bypassing Python’s GIL)
  • Async scraping

Workflow

Click here for a full view

 

Requirements

  • Git
  • Python >= 3.10

Installation

$ pip3 install pipx
$ pipx ensurepath
$ pipx install gitfive

It will automatically use venvs to avoid dependency conflicts with other projects.

Usage

First, login to GitHub (preferably with a secondary account) :

$ gitfive login

Then, profit :

usage: gitfive [-h] {login,user,email,emails,light} ...

positional arguments:
  {login,user,email,emails,light}
    login               Let GitFive authenticate to GitHub.
    user                Track down a GitHub user by its username.
    email               Track down a GitHub user by its email address.
    emails              Find GitHub usernames of a given list of email addresses.
    light               Quickly find emails addresses from a GitHub username.

options:
  -h, --help            show this help message and exit

PS : plz avoid testing on torvalds or other authors of repos with 1 million commits

📄 You can also use –json with user and email modules to export in JSON ! Example :

$ gitfive user mxrch --json mxrch_data.json

Have fun 🥰💞

Video demo

 2022-10-06.00-22-32.mp4 

Obvious disclaimer

This tool is for educational purposes only, I am not responsible for its use.

Less obvious disclaimer

The use of this tool in an automated paid service / software is strictly forbidden without my personal agreement.
Please use it only in personal, criminal investigations, or open-source projects.

Subscribe to our channel and do not miss new collections of tools in various areas of Information Security.

  Posted by: @ESPYER

  • Share

More Articles

  • Article
Explore IRBIS Web Portal with Flexible Pricing – Start Testing Today!
  • Article
IRBIS SEARCH AI – Unlocking Real-Time Phone Number Intelligence with ChatGPT Integration
  • Article
How OSINT Profiling Uncovered a Fake Recruitment Attempt Using AI and Data Analysis
  • Article
Automating Investigations: Smarter Workflows for Security Professionals
  • Article
OSINT in Action: The Case of Abdelnour Djabri and a Global Manhunt
  • Article
Harnessing OSINT in Criminal Investigations: A Case Study on the Fugitive Emmanuel Edokpolor

Try Irbis by Espy Today

Have questions? Talk with an expert or 🎉sign up to try it yourself Free!

Talk with an Expert
espy-logo-black

Empowering your operations with real-time data, secure integrations, and insightful user discovery for superior fraud prevention.

iso-logo
gdpr-logo
Solutions
Company
Contact Sales
Facebook-f

© Copyright ESPY Ltd

Skip to content