Skip to content

Github:Auditing:Find External Collaborators

Jump to bottom
lbonanomi edited this page Jan 20, 2025 · 1 revision 
import json
import requests
import sys

token = '$TOKEN_GOES_HERE'

def paged(org, cursor=""):
        
        payload = { "query": "query   { organization(login: \"" + org + "\") {repositories(visibility: PUBLIC, first: 100, after: \"" + cursor + "\") {pageInfo {startCursor hasNextPage endCursor}nodes {name collaborators(affiliation: OUTSIDE, first: 100) {edges {permission} nodes {login}}}}}}" }

        data = json.dumps(payload)

        headers = {"Content-type": "application/json", "Authorization": "bearer " + token} ##, "User-Agent": "python3"}

        x = requests.post("https://api.github.com/graphql", headers=headers, data=data).json()

        try:
                for y in x['data']['organization']['repositories']['nodes']:

                        them = []

                        repo = y['name']

                        for collaborator in y['collaborators']['nodes']:
                                them.append(collaborator['login'])

                        if len(them):
                                print(org + "," + repo, ",", ",".join(them))

                if x['data']['organization']['repositories']['pageInfo']['hasNextPage']:
                        paged(org, cursor=x['data']['organization']['repositories']['pageInfo']['endCursor'])

        except Exception:
                print("No permissions in", org)

for org in [ "org1", "org2", "org3" ]:
        paged(org, cursor="")

AWS

Apache

FleetDM

GHE

GSuite

Git

Grafana

Java

Jenkins

Jira

Linux

OpenLDAP

Openstack

SSL

X

kubernetes

webdriver

Clone this wiki locally