wraith

command module
v0.0.0-...-5efcf84 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 1, 2022 License: MIT Imports: 1 Imported by: 0

README


wraith
Wraith

Finding digital secrets that were never meant to be found in all corners of the net.

GitHub go.mod Go version (branch) GitHub go.mod Go version (branch) GitHub release (latest SemVer) GitHub commits since latest release (by SemVer)
GitHub issues by-label GitHub issues by-label Travis (.org) branch Travis (.org) branch
Code Climate maintainability Code Climate technical debt Code Climate issues
GitHub GitHub All Releases

CapabilitiesScreenshotsQuickstartDocumentationContributingCreditsFAQRelated

Wraith uncovers forgotten secrets and brings them back to life, haunting security and operations teams. It can be used to scan hosted and local git repos as well as local filesystems.

Capabilities

Targets

  • Gitlab.com repositories and projects
  • Github.com repositories and organizations
  • Local git repositories
  • Local filesystem

Major Features

  • Exclude files, paths, and extensions
  • Web and terminal interfaces for real-time results (very much alpha)
  • Configurable commit depth
  • Built with Viper to manage environment variables, config files, or flags
  • Uses Cobra sub-commands for easier, more modular, functionality

Screenshots

Screen Shot 2020-08-16 at 11 23 25 PM Screen Shot 2020-08-16 at 11 23 43 PM


Quickstart

  1. Download the latest release and either build it yourself with make build or you can use a prebuilt binary, currently they only exist for OSX. This project uses a branching git flow. Details can be found in the developer doc, suffice it to say Master is stable develop shoud be considered beta.
  2. Download or clone the latest set of signatures and either copy signatures/default.yaml to ~/.wraith/signatures/ or adjust the location in your configuration file. A sample is shown below
  3. Copy the below configuration to ~/.wraith/config.yaml. This will allow you to get up and running for basic scans without having to figure out the flags. Any of these values can be overwritten on the commnd line as well. You will need to generate your own api tokens for github and gitlab if you are scanning against them.
  4. Once you have this done, just run a scan command.
  • wraith scanGithub
  • wraith scanGitlab
  • wraith scanLocalGitRepo
  • wraith scanLocalPath
---
commit-depth: -1
debug: false
github-api-token: <token>
github-orgs:
    - <org 1>
    - <org 2>
github-repos:
    - <repo 1>
github-users:
    - <user 1>
gitlab-api-token: <token>
gitlab-targets:
    - <repo 1>
    - <project 1>
    - <user 1>
scan-forks: false
scan-tests: false
ignore-extension:
    - .html
    - .css
    - .log
ignore-path:
    - static/
    - docs/
    - .idea/
in-mem-clone: false
local-paths:
    - ../relative/path/to/file.md
    - $HOME/path/to/file.pl
    - /absolute/path/to/file.rb
confidence-level: 3
num-threads: 1
local-repos:
    - ../wraith
    - /home/bob/Go/src/foo
silent: false
web-server: false
json: false
csv: false
test-signatures: false
signatures-path: "~/.wraith/signatures"
signature-file:
    - ../wraith-signatures/signatures/default.yaml
signatures-url: "https://github.com/N0MoreSecr3ts/wraith-signatures"
signatures-version: "0.2.0"

Documentation

Build from source

At this stage the best option is to build from source from this repository.

To install from source, make sure you have a correctly configured Go >= 1.14 environment and that $GOPATH/bin is in your $PATH.

    $ cd $GOPATH/src
    $ git clone git@github.com:N0MoreSecr3ts/wraith.git
    $ cd wraith
    $ make build
    $ ./bin/wraith-<ARCH> <sub-command>

Signatures

Signatures are the current method used to detect secrets within the a target source. They are broken out into the wraith-signatures repo for extensability purposes. This allows them to be independently versioned and developed without having to recompile the code. To makes changes just edit an existing signature or create a new one. Check the README in that repo for additional details.

Authencation

Wraith will need either a GitLab or Github access token in order to interact with their appropriate API's. You can create a GitLab personal access token, or a Github personal access token and save it in an environment variable in your bashrc, add it to a wraith config file, or pass it in on the command line. Passing it in on the commandline should be avoided if possible for security reasons. Of course if you want to eat your own dog food, go ahead and do it that way, then point wraith at your command history file. 😈

Additional Documentation

Additional documentation is forthcoming

Contributing

Contributing.md

There is a roadmap as well, but at this point it's little more than a glorified TODO list and personal braindump. I am using that instead of issues, due to my velocity and general laziness towards process at this point. When the project becomes stable, most likely after Milestone 1, the roadmap will probably fall away and be captured in Issues.

Credits

  • @michenriksen for writing gitrob which serves as the foundation for wraith
  • @codeemitter for contributing several major features including in memory clones and gitlab support. His version is the immediate parent to wraith.
  • @mattyjones (Maintainer)

There are several other projects that wraith owes some lineage to including:

  • Trufflehog
  • all the many recon and OSINT tools already existing

Documentation

Overview

Copyright © 2020 Matty Jones

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Source Files

View all Source files

Directories

Path Synopsis
Package cmd represents the specific commands that the user will execute.
 Package cmd represents the specific commands that the user will execute.
Package core represents the core functionality of all commands
 Package core represents the core functionality of all commands
Package version sets the version for the tool
 Package version sets the version for the tool

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.