vinifera: GitHub recon/monitoring tool for finding internal leaks
Vinifera – Monitor Internal Leaks on GitHub
Vinifera allows companies and organizations to monitor public assets for references to internal code, in order to find leaks and potential breaches.
Sometimes developers might leak internal code and credentials by accident. Vinifera aims to help companies detect those breaches in due time and respond to the incident.
How does it work?
Vinifera monitors the developers who belong to the organization and scans their public contributions for potential violations and breaches of internal, secret, or proprietary code by looking for the references that have been defined.
- Vinifera works by syncing org users.
- For each user, all the public assets are registered (if not already tracked).
- Each asset (Repo, Gist) is then scanned for any differences.
- Each difference is then scanned, stored, and reported (if it contains any leaks).
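A minimal sketch of the last step above, scanning one difference for the defined references, added here as an illustration and not taken from Vinifera's own code. The watchlist entries, the sample diff and the function name `scan_diff` are constructed, and git-style unified diffs are assumed.

```python
import re

# Constructed watchlist: strings that should never appear in public code.
REFERENCES = ["corp.example.internal", "acme-billing-core", "ACME_INTERNAL_TOKEN"]
HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

def scan_diff(diff_text, references=REFERENCES):
    """Return (path, new_line_number, reference) for each hit on an added line."""
    patterns = [(r, re.compile(re.escape(r), re.IGNORECASE)) for r in references]
    findings, path, new_line, in_hunk = [], None, 0, False
    for raw in diff_text.splitlines():
        if raw.startswith("diff --git "):
            in_hunk = False                      # next file: headers follow
        elif not in_hunk and raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")    # file header, not an added line
        elif (m := HUNK_RE.match(raw)):
            new_line, in_hunk = int(m.group(1)), True
        elif in_hunk and raw.startswith("+"):
            for ref, pat in patterns:
                if pat.search(raw[1:]):
                    findings.append((path, new_line, ref))
            new_line += 1
        elif in_hunk and raw.startswith(" "):
            new_line += 1                        # context line exists in new file
        # Removed lines ("-") are skipped: they were already public before
        # this change and do not advance the new-file line counter.
    return findings

# Constructed sample: one commit touching two files.
SAMPLE_DIFF = """\
diff --git a/deploy/config.py b/deploy/config.py
--- a/deploy/config.py
+++ b/deploy/config.py
@@ -1,3 +1,4 @@
 import os
-API = "https://api.example.com"
+API = "https://billing.corp.example.internal/v1"
+TOKEN = os.environ["ACME_INTERNAL_TOKEN"]
 TIMEOUT = 5
diff --git a/README.md b/README.md
--- a/README.md
+++ b/README.md
@@ -10,1 +10,1 @@
-Uses acme-billing-core internally.
+Uses an open-source client.
"""
```

Only added lines are reported, so a commit that removes a reference produces no finding; catching references that were public before monitoring began needs a full scan of the asset when it is first registered.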
We have been using Vinifera in production since Dec 2019, and it has helped us prevent security incidents. Vinifera started out as an internal project to ensure security hygiene of our public contributions and monitor potential leaks on GitHub. We believe this will help other companies to strengthen their security hygiene when it comes to public sources like GitHub.
Install & Use
Copyright [2019-Present] [Zomato]