Gitls : Enumerate Git Repository URL From List Of URL / User / Org

Gitls tool is available when the repository, such as GitHub, is included in the bug bounty scope. Sometimes specified as an org name or user name rather than a specific repository, you can use this tool to extract url from all public repositories included in the org/user.

This can be used for various actions such as scanning or cloning for multiple repositories.

NOTICE
For unauthenticated requests in github api, the rate limit allows for up to 60 requests per hour. Unauthenticated requests are associated with the originating IP address, and not the user making requests. https://docs.github.com/en/rest/overview/resources-in-the-rest-api

So too many tasks can be blocked by the API for a certain time from github. In this case, you can select the appropriate destination or access and use any IP using the torsocks(e.g torsocks gitls -l user.list) or -tor options.

Installation

  • From go-get

▶ GO111MODULE=on go get -v github.com/hahwul/gitls

  • Using homebres

▶ brew tap hahwul/gitls
▶ brew install gitls

  • Using snapcraft

▶ sudo snap install gitls

Usage

Usage of gitls:
  -include-users
     include repo of org users(member)
  -l string
     List of targets (e.g -l sample.lst)
  -o string
     write output file (optional)
  -proxy string
     using custom proxy
  -tor
     using tor proxy / localhost:9050
  -version
     version of gitls

Case Study

Make all repo urls from repo/org/user urls

  • sample.lst

https://github.com/hahwul
https://github.com/tomnomnom/gron
https://github.com/tomnomnom/httprobe
https://github.com/s0md3v

  • make repo url list from sample file

▶ gitls -l sample.lst
https://github.com/hahwul/a2sv
https://github.com/hahwul/action-dalfox
https://github.com/hahwul/asset-of-hahwul.com
https://github.com/hahwul/awesome-zap-extensions
https://github.com/hahwul/backbomb
https://github.com/hahwul/booungJS
https://github.com/hahwul/buildpack-nmap
https://github.com/hahwul/buildpack-zap-daemon
https://github.com/hahwul/can-i-protect-xss
https://github.com/hahwul/cyan-snake
https://github.com/hahwul/dalfox
https://github.com/hahwul/DevSecOps
https://github.com/hahwul/droid-hunter
https://github.com/hahwul/exploit-db_to_dokuwiki
https://github.com/hahwul/ftc https://github.com/hahwul/gitls https://github.com/hahwul/go-github-selfupdate-patched https://github.com/hahwul/hack-pet …snip…
https://github.com/hahwul/zap-cloud-scan
https://github.com/tomnomnom/gron
https://github.com/tomnomnom/httprobe
https://github.com/s0md3v/Arjun
https://github.com/s0md3v/AwesomeXSS
https://github.com/s0md3v/Blazy
https://github.com/s0md3v/Bolt …snip…
https://github.com/s0md3v/velocity
https://github.com/s0md3v/XSStrike
https://github.com/s0md3v/Zen
https://github.com/s0md3v/zetanize

Get all repository in org and included users(members)

▶ echo https://github.com/paypal | ./gitls -include-users

….
https://github.com/paypal/tech-talks
https://github.com/paypal/TLS-update
https://github.com/paypal/yurita
https://github.com/ahunnargikar
https://github.com/ahunnargikar/docker-chronos-image
https://github.com/ahunnargikar/docker-tomcat7
https://github.com/ahunnargikar/DockerConDemo
https://github.com/ahunnargikar/elasticsearch-registry-backend
https://github.com/ahunnargikar/elasticsearchindex
https://github.com/ahunnargikar/jenkins-dind
https://github.com/ahunnargikar/jenkins-standalone
https://github.com/ahunnargikar/vagrant-mesos
https://github.com/ahunnargikar/vagrant_docker_registry
https://github.com/anandpalanisamy
https://github.com/anilgursel
https://github.com/anilgursel/squbs-sample
https://github.com/bluepnume


Automated testing with gitleaks

▶ gitls -l sample.lst | xargs -I % gitleaks –repo-url=% -v

All clone target’s repo

▶ echo “https://github.com/paypal” | gitls | xargs -I % git clone %

R K

Recent Posts

Understanding the Model Context Protocol (MCP) and How It Works

Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…

1 day ago

The file Command – Quickly Identify File Contents in Linux

While file extensions in Linux are optional and often misleading, the file command helps decode what a…

1 day ago

How to Use the touch Command in Linux

The touch command is one of the quickest ways to create new empty files or update timestamps…

1 day ago

How to Search Files and Folders in Linux Using the find Command

Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…

1 day ago

How to Move and Rename Files in Linux with the mv Command

Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…

1 day ago

How to Create Directories in Linux with the mkdir Command

Creating directories is one of the earliest skills you'll use on a Linux system. The mkdir (make…

1 day ago