GitHub App Keys
- Documentation: https://docs.github.com/en/free-pro-team@latest/rest/reference/apps
- Summary: GitHub Applications are plugins that can be installed on GitHub accounts and organizations. This detector looks for the applications' credentials, which could be used to retrieve data from GitHub. Note that these credentials are different from GitHub OAuth App Keys; the main differences are listed here. To get more information on the name of the app and the user or organization it is tied to, visit https://github.com/login/oauth/authorize?client_id=CLIENT_ID_GOES_HERE.
- IPs allowlist: This feature is not currently available.
- Scopes: The app has the scope granted by the user when installing it.
# Revoke the secret
Any application owners using OAuth can revoke a grant, which will also delete all OAuth tokens associated with the application for the user (see here).
# Check for suspicious activity
This feature is not described in the documentation.
# GitHub app keys
Category: Version control platform
High recall: True
Validity check available: True
On-premise instances exist: True
Only valid secrets raise an alert: True
Minimum number of matches: 2
Occurrences found for one million commits: 4.75
- type: ContentWhitelistPreValidator
  patterns:
    - iv1

- text: |
    Owned by @GitGuard
    App ID 36327
    Client ID Iv1.923233af7a5c81af
    Client secret 7dfc7a8b97409e216c35b21e4008938d599def9a
  client_id: Iv1.923233af7a5c81af
  client_secret: 7dfc7a8b97409e216c35b21e4008938d599def9a
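The matching rules listed above (content must contain `iv1`, and at least two matches are required), sketched as an added example that is not GitGuardian's own detector code. The two regular expressions are assumptions inferred from the sample on this page, the function name is hypothetical, and the validity check against GitHub is left out.

```python
import re

# Assumed formats, inferred from the page's sample (not the detector's real patterns):
# client ID = "Iv1." + 16 lowercase hex chars, client secret = 40 lowercase hex chars.
CLIENT_ID_RE = re.compile(r"\bIv1\.[0-9a-f]{16}\b")
CLIENT_SECRET_RE = re.compile(r"(?<![0-9a-f])[0-9a-f]{40}(?![0-9a-f])")
PREFILTER = "iv1"  # the ContentWhitelistPreValidator pattern from the page

# The example text shown on this page.
SAMPLE = """Owned by @GitGuard
App ID 36327
Client ID Iv1.923233af7a5c81af
Client secret 7dfc7a8b97409e216c35b21e4008938d599def9a
"""


def find_github_app_keys(content):
    """Return (client_id, client_secret) pairs found in content.

    A finding needs both matches ("Minimum number of matches: 2"), so a
    lone 40-hex string such as a commit SHA never raises on its own.
    """
    # Cheap pre-filter: skip documents that cannot contain a client ID.
    if PREFILTER not in content.lower():
        return []
    ids = [(m.start(), m.group()) for m in CLIENT_ID_RE.finditer(content)]
    findings = []
    for m in CLIENT_SECRET_RE.finditer(content):
        if not ids:
            break
        # Pair each candidate secret with the closest client ID in the text.
        _, nearest_id = min(ids, key=lambda p: abs(p[0] - m.start()))
        pair = (nearest_id, m.group())
        if pair not in findings:
            findings.append(pair)
    return findings


def redact(secret, keep=4):
    """Mask a secret for logs or alerts, keeping only a short prefix."""
    return secret[:keep] + "*" * (len(secret) - keep)


if __name__ == "__main__":
    for client_id, secret in find_github_app_keys(SAMPLE):
        print(client_id, redact(secret))
```
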