I am trying to run this python script made by trufflehog to use their open-source scanner for scanning all repo's of an account or organization at once.
Does anyone know how i can put my orgname and access token in the url without messing up the rest?
def get_org_repos(orgname, page):
response = requests.get(url='https://api.github.com/users/' + orgname + '/repos?page={}'.format(page))
json = response.json()
if not json:
return None
for item in json:
if item['fork'] == False:
print('searching ' + item["html_url"])
results = truffleHog.find_strings(item["html_url"], do_regex=True, custom_regexes=rules, do_entropy=False, max_depth=100000)
for issue in results["foundIssues"]:
d = loads(open(issue).read())
d['github_url'] = "{}/blob/{}/{}".format(item["html_url"], d['commitHash'], d['path'])
d['github_commit_url'] = "{}/commit/{}".format(item["html_url"], d['commitHash'])
d['diff'] = d['diff'][0:200]
d['printDiff'] = d['printDiff'][0:200]
print(dumps(d, indent=4))
get_org_repos(orgname, page + 1)
get_org_repos("insertOrgName", 1)
So far I have tried a few variations of things like
requests.get(url='https://api.github.com/users/myOrg/repos?access_token=xyz?page={}'.format(page))
Firstly I would use f-strings to make it more readable, secondly I would pass in GET parameters using built in requests functionality.