Fetches and aggregates public OSINT data for a GitHub user, leveraging Go and the GitHub API.
- Retrieve basic user profile information (username, ID, avatar, bio, creation dates)
- List organizations and roles
- Fetch SSH and GPG keys
- Enumerate social accounts
- Extract unique commit authors (name + email)
- Find close friends
- Find Github accounts using an email address
- Export results to JSON
- Deep scan option (clone repositories, regex search, analyze licenses, etc.)
This tool is intended for educational purposes only. Use responsibly and ensure you have permission to access the data you are querying.
- Go 1.18+
- GitHub Personal Access Token (recommended for higher rate limits): Create a GitHub API token with no permissions/no scope. This will be equivalent to public GitHub access, but it will allow access to use the GitHub Search API.
go get github.com/anotherhadi/gh-reconClick to expand
From anywhere (using the repo URL):
nix run github:anotherhadi/gh-recon -- --username TARGET_USER [--token YOUR_TOKEN]Permanent Installation:
# add the flake to your flake.nix
{
inputs = {
gh-recon.url = "github:anotherhadi/gh-recon";
};
}
# then add it to your packages
environment.systemPackages = with pkgs; [ # or home.packages
gh-recon
];gh-recon --username TARGET_USER [--token YOUR_TOKEN] -d, --deep Enable deep scan (clone repos, regex search, analyse licenses, etc.)
-e, --email string Search accounts by email address
--exclude-repo string Exclude repos from deep scan (comma-separated list)
-j, --json string Write results to specified JSON file
--max-size int Limit the size of repositories to scan (in MB) (Only for deep scan) (default 150)
-c, --only-commits Display only commits with author info
-r, --refresh Refresh the cache (deep scan only)
-s, --silent Suppress all non-essential output
-t, --token string GitHub personal access token (e.g. ghp_...)
-u, --username string GitHub username to analyzegh-recon --username anotherhadi --token ghp_ABC123...
gh-recon --email myemail@gmail.com --token ghp_ABC123...
gh-recon --username anotherhadi --json output.json --deepUnderstanding what information about you is publicly visible is the first step to managing your online presence. gh-recon can help you identify your own publicly available data on GitHub. Here’s how you can take steps to protect your privacy and security:
- Review your public profile: Regularly check your GitHub profile and repositories to ensure that you are not unintentionally exposing sensitive information.
- Manage email exposure: Use GitHub's settings to control which email addresses are visible on your profile and in commit history. You can also use a no-reply email address for commits. Delete/modify any sensitive information in your commit history.
- Be Mindful of Repository Content: Avoid including sensitive information in your repositories, such as API keys, passwords, emails or personal data. Use
.gitignoreto exclude files that contain sensitive information.
You can also use a tool like TruffleHog to scan your repositories specifically for exposed secrets and tokens.
Useful links:
Feel free to contribute! See CONTRIBUTING.md for details.