gitslurp 🔍

OSINT tool to analyze GitHub user's commit history across repositories

Features • Installation • Usage • Docs • Contributing

---

A powerful command-line tool that analyzes GitHub user activity and highlights their contributions across repositories. Perfect for developers, maintainers, and anyone interested in understanding contribution patterns on GitHub.

# Quick install
go install git.sr.ht/~gnome/gitslurp@latest

# Basic usage
gitslurp soxoj

Features

• 🔍 User-Centric Analysis: Search by GitHub username, email address or organization

• 📊 Comprehensive Commit History: View all commits made by a user across public repositories

• 🎯 Visual Highlighting: Easily identify target user's commits with color-coding and emojis

• 👥 Multiple Identity Support: Detects and groups commits from different email addresses and names

• 🐽 Advanced Secret Detection: Powered by TruffleHog-inspired regex patterns for enterprise-grade secret detection

• ⭐ Interesting Patterns: Find URLs, UUIDs, IPs, and other interesting patterns in commit messages

• 📦 Repository Context: Shows if commits are in user's own repositories or forks

• 🏢 Organization Scanning: Scan entire organizations to identify employees and their commit patterns

Installation

go install git.sr.ht/~gnome/gitslurp@latest

Usage

Basic usage:

gitslurp <username>

Search by email:

gitslurp user@example.com

With GitHub token (recommended for better rate limits):

gitslurp -t <github_token> <username>

Enable secret detection:

gitslurp --secrets <username>

Options

• --token, -t: GitHub personal access token (can also be set via GITSLURP_GITHUB_TOKEN environment variable)

• --details, -d: Show detailed commit information

• --secrets, -s: Enable TruffleHog-powered secret detection in commits 🐽

• --interesting, -i: Show interesting findings like URLs, emails, and other patterns in commit messages

• --quick, -q: Quick mode - fetch ~50 most recent commits per repo ⚡

• --timestamp-analysis, -T: Analyze commit timestamps for unusual patterns 🕐

• --include-forks, -F: Include forked repositories in the scan

• --json, -j: Output results in JSON format

• --csv: Output results in CSV format

• --profile-only, -p: Show user profile only, skip repository analysis

Output Format

The tool provides a clear, color-coded output:

• 📍 Target user's emails are marked and highlighted
• ⭐ Target user's commits are highlighted
• 👤 Author information is clearly displayed
• 📂 Repository names are organized and highlighted

Example output:

📍 user@example.com (Target User)
  Names used: John, John Doe
  Total Commits: 150
  📂 Repo: example/project
    ⭐ Commit: abc123
    🔗 URL: https://github.com/example/project/commit/abc123
    👤 Author: John Doe <user@example.com>

Authentication

For better rate limits and access to private repositories, use a GitHub personal access token:

1. Create a token at https://github.com/settings/tokens
2. Use the -t flag or set the GITSLURP_GITHUB_TOKEN environment variable

Development

Requirements:

• Go 1.21 or higher
• GitHub API access (token recommended)

Build from source:

git clone git@git.sr.ht:~gnome/gitslurp
cd gitslurp
go build

License

MIT License - see LICENSE file for details