ThreatIngestor

Extract and aggregate IOCs from threat feeds.

Table of Contents

  • GitHub Repository Search
    • Configuration Options
    • Example Configuration

Related Topics

  • Documentation overview
    • Source Plugins
      • Previous: Git
      • Next: GitHub Gist Username Search
rss twitter github linkedin

Other Projects

More InQuest projects:

  • ThreatKB
  • iocextract
  • sandboxapi
  • inquestlabs

Useful Links

  • GitHub Repository
  • PyPI Package
  • Issue Tracker
  • Changelog

Stay Informed

  • InQuest logo InQuest Labs
  • InQuest logo InQuest Newsletter
  • InQuest Blog
  • Twitter
  • LinkedIn
  • GitHub

Quick search

GitHub Repository Search¶

The GitHub source plugin uses GitHub’s repository search API to find new interesting repos, and create a Task artifact for each.

Configuration Options¶

  • module (required): github
  • search (required): Search term(s).
  • username (optional): Username for authentication.
  • token (optional): Token or password for authentication.
  • num_of_days (optional): Search within a specific number of days since repository creation date.

Example Configuration¶

The following examples all assume GitHub credentials have already been configured in the credentials section of the config, like this:

credentials:
  - name: github-auth
    username: myuser
    token: MYTOKEN

Note

GitHub credentials are optional, but increase the rate limit for API requests significantly. If you are doing more than one or two low- volume searches, you should set up the credentials.

Inside the sources section of your configuration file:

- name: github-cve-repos
  credentials: github-auth
  module: github
  search: CVE-2018-
  num_of_days: 60
©2019 - 2023 InQuest, LLC. | Page source