Find threats in source code
The obvious use here is to find subdomains in GitHub repositories, but this also will find the developers working on those projects. https://github.com/gwen001/github-subdomains
This is the best way to find sensitive data exposure in git repos
jq -r '.secrets[] | [.file, .offender] | @csv' ./scanresults/file01.json | sort -u
jq -r '.secrets[] | [.file, .rule, .lineNumber, .commit, .author, .date, .offender] | @csv' ./file02.json > file02-report.csv
jq 'del(.secrets[].line)' ./file03.json
git shortlog -sne
git grep "password=" `git show-ref --heads`
git rev-list HEAD --count
git log --show-signature -1
git log --show-signature
gitleaks -v --depth=$(git rev-list HEAD --count) -p ./
gitleaks -v -r https://github.com/juice-shop/juice-shop.git
curl https://api.github.com/user/106486165
find ./ -exec grep -si -o '[A-Z0-9._%+-]\+@[A-Z0-9.-]\+\.[A-Z]\{2,4\}' {} \;
git commit --date='2021-01-01 12:12:00' -m "message"