[*]
Present the searchcode module and your search standards within the -o command-line change, together with any related authentication info and URL. It will output the URL to the matching code file, together with the road within the code that matched.
The GitHub code search is a “accommodates” search the place the string you enter it should seek for code that accommodates your search time period in any line.
SCMKit.exe -s github -m searchcode -c userName:password -u https://github.one thing.native -o "some search time period"
SCMKit.exe -s github -m searchcode -c apikey -u https://github.one thing.native -o "some search time period"
The GitLab code search is a “accommodates” search the place the string you enter it should seek for code that accommodates your search time period in any line.
SCMKit.exe -s gitlab -m searchcode -c userName:password -u https://gitlab.one thing.native -o "some search time period"
SCMKit.exe -s gitlab -m searchcode -c apikey -u https://gitlab.one thing.native -o "some search time period"
The Bitbucket code search is a “accommodates” search the place the string you enter it should seek for code that accommodates your search time period in any line.
SCMKit.exe -s bitbucket -m searchcode -c userName:password -u https://bitbucket.one thing.native -o "some search time period"
SCMKit.exe -s bitbucket -m searchcode -c apikey -u https://bitbucket.one thing.native -o "some search time period"
Use Case
Seek for information in repositories containing a given key phrase within the file identify in a selected SCM system
Syntax
Present the searchfile module and your search standards within the -o command-line change, together with any related authentication info and URL. It will output the URL to the matching file in its respective repository.
GitHub Enterprise
The GitLab file search is a “accommodates” search the place the string you enter it should seek for information that accommodates your search time period within the file identify.
SCMKit.exe -s github -m searchfile -c userName:password -u https://github.one thing.native -o "some search time period"
SCMKit.exe -s github -m searchfile -c apikey -u https://github.one thing.native -o "some search time period"
GitLab Enterprise
The GitLab file search is a “accommodates” search the place the string you enter it should seek for information that accommodates your search time period within the file identify.
SCMKit.exe -s gitlab -m searchfile -c userName:password -u https://gitlab.one thing.native -o "some search time period"
SCMKit.exe -s gitlab -m searchfile -c apikey -u https://gitlab.one thing.native -o "some search time period"
Bitbucket Server
The Bitbucket file search is a “accommodates” search the place the string you enter it should seek for information that accommodates your search time period within the file identify.
SCMKit.exe -s bitbucket -m searchfile -c userName:password -u https://bitbucket.one thing.native -o "some search time period"
SCMKit.exe -s bitbucket -m searchfile -c apikey -u https://bitbucket.one thing.native -o "some search time period"
Instance Output
C:sourceSCMKitSCMKitbinRelease>SCMKit.exe -s bitbucket -m searchfile -c apikey -u http://bitbucket.hogwarts.native:7990 -o jenkinsfile==================================================
Module: searchfile
System: bitbucket
Auth Sort: API Key
Choices: jenkinsfile
Goal URL: http://bitbucket.hogwarts.native:7990
Timestamp: 1/14/2022 10:17:59 PM
==================================================
[>] REPO: http://bitbucket.hogwarts.native:7990/scm/~HPOTTER/hpotter
[>] FILE: Jenkinsfile
[>] REPO: http://bitbucket.hogwarts.native:7990/scm/STUD/cred-decryption
[>] FILE: subDir/Jenkinsfile
Whole matching outcomes: 2
Listing Snippets
Use Case
Listing snippets owned by the present consumer in GitLab
Syntax
Present the listsnippet module, together with any related authentication info and URL.
GitLab Enterprise
SCMKit.exe -s gitlab -m listsnippet -c userName:password -u https://gitlab.one thing.native
SCMKit.exe -s gitlab -m listsnippet -c apikey -u https://gitlab.one thing.native
Instance Output
C:>SCMKit.exe -s gitlab -m listsnippet -c username:password -u https://gitlab.hogwarts.native==================================================
Module: listsnippet
System: gitlab
Auth Sort: Username/Password
Choices:
Goal URL: https://gitlab.hogwarts.native
Timestamp: 1/14/2022 9:17:36 PM
==================================================
Title | Uncooked URL
---------------------------------------------------------------------------------------------
spell-script | https://gitlab.hogwarts.native/-/snippets/2/uncooked
Listing Runners
Use Case
Listing all GitLab runners obtainable to the present consumer in GitLab
Syntax
Present the listrunner module, together with any related authentication info and URL. If the consumer is an administrator, it is possible for you to to listing all runners inside the GitLab Enterprise occasion, which incorporates shared and group runners.
GitLab Enterprise
SCMKit.exe -s gitlab -m listrunner -c userName:password -u https://gitlab.one thing.native
SCMKit.exe -s gitlab -m listrunner -c apikey -u https://gitlab.one thing.native
Instance Output
C:>SCMKit.exe -s gitlab -m listrunner -c username:password -u https://gitlab.hogwarts.native==================================================
Module: listrunner
System: gitlab
Auth Sort: Username/Password
Choices:
Goal URL: https://gitlab.hogwarts.native
Timestamp: 1/25/2022 11:40:08 AM
==================================================
ID | Title | Repo Assigned
---------------------------------------------------------------------------------
2 | gitlab-runner | https://gitlab.hogwarts.native/hpotter/spellbook.git
3 | gitlab-runner | https://gitlab.hogwarts.native/hpotter/maraudersmap.git
Listing Gists
Use Case
Listing gists owned by the present consumer in GitHub
Syntax
Present the listgist module, together with any related authentication info and URL.
GitHub Enterprise
SCMKit.exe -s github -m listgist -c userName:password -u https://github.one thing.native
SCMKit.exe -s github -m listgist -c apikey -u https://github.one thing.native
Instance Output
C:>SCMKit.exe -s github -m listgist -c username:password -u https://github-enterprise.hogwarts.native==================================================
Module: listgist
System: github
Auth Sort: Username/Password
Choices:
Goal URL: https://github-enterprise.hogwarts.native
Timestamp: 1/14/2022 9:43:23 PM
==================================================
Description | Visibility | URL
----------------------------------------------------------------------------------------------------------
Shell Script to Decode Spell | public | https://github-enterprise.hogwarts.native/gist/c11c6bb3f47fe67183d5bc9f048412a1
Listing Orgs
Use Case
Listing all organizations the present consumer belongs to in GitHub
Syntax
Present the listorg module, together with any related authentication info and URL.
GitHub Enterprise
SCMKit.exe -s github -m listorg -c userName:password -u https://github.one thing.native
SCMKit.exe -s github -m listorg -c apiKey -u https://github.one thing.native
Instance Output
C:>SCMKit.exe -s github -m listorg -c username:password -u https://github-enterprise.hogwarts.native==================================================
Module: listorg
System: github
Auth Sort: Username/Password
Choices:
Goal URL: https://github-enterprise.hogwarts.native
Timestamp: 1/14/2022 9:44:48 PM
==================================================
Title | URL
-----------------------------------------------------------------------------------
Hogwarts | https://github-enterprise.hogwarts.native/api/v3/orgs/Hogwarts/repos
Get Privileges of API Token
Use Case
Get the assigned privileges to an entry token being utilized in a selected SCM system
Syntax
Present the privs module, together with an API key and URL.
GitHub Enterprise
SCMKit.exe -s github -m privs -c apiKey -u https://github.one thing.native
GitLab Enterprise
SCMKit.exe -s gitlab -m privs -c apiKey -u https://gitlab.one thing.native
Instance Output
C:>SCMKit.exe -s gitlab -m privs -c apikey -u https://gitlab.hogwarts.native==================================================
Module: privs
System: gitlab
Auth Sort: API Key
Choices:
Goal URL: https://gitlab.hogwarts.native
Timestamp: 1/14/2022 9:18:27 PM
==================================================
Token Title | Lively? | Privilege | Description
---------------------------------------------------------------------------------------------------------------------------------
hgranger-api-token | True | api | Learn-write for the whole API, together with all teams and initiatives, the Container Registry, and the Package deal Registry.
hgranger-api-token | True | read_user | Learn-only for endpoints underneath /customers. Primarily, entry to any of the GET requests within the Customers API.
hgranger-api-token | True | read_api | Learn-only for the whole API, together with all teams and initiatives, the Container Registry, and the Package deal Registry.
hgranger-api-token | True | read_repository | Learn-only (pull) for the repository by way of git clone.
hgranger-api-token | True | write_repository | Learn-write (pull, push) for the repository by way of git clone. Required for accessing Git repositories over HTTP when 2FA is enabled.
Add Admin
Use Case
Promote a traditional consumer to an administrative function in a selected SCM system
Syntax
Present the addadmin module, together with any related authentication info and URL. Moreover, present the goal consumer you wish to add an administrative function to.
GitHub Enterprise
SCMKit.exe -s github -m addadmin -c userName:password -u https://github.one thing.native -o targetUserName
SCMKit.exe -s github -m addadmin -c apikey -u https://github.one thing.native -o targetUserName
GitLab Enterprise
SCMKit.exe -s gitlab -m addadmin -c userName:password -u https://gitlab.one thing.native -o targetUserName
SCMKit.exe -s gitlab -m addadmin -c apikey -u https://gitlab.one thing.native -o targetUserName
Bitbucket Server
Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket.
SCMKit.exe -s bitbucket -m addadmin -c userName:password -u https://bitbucket.one thing.native -o targetUserName
Instance Output
C:>SCMKit.exe -s gitlab -m addadmin -c apikey -u https://gitlab.hogwarts.native -o hgranger==================================================
Module: addadmin
System: gitlab
Auth Sort: API Key
Choices: hgranger
Goal URL: https://gitlab.hogwarts.native
Timestamp: 1/14/2022 9:19:32 PM
==================================================
[+] SUCCESS: The hgranger consumer was efficiently added to the admin function.
Take away Admin
Use Case
Demote an administrative consumer to a traditional consumer function in a selected SCM system
Syntax
Present the removeadmin module, together with any related authentication info and URL. Moreover, present the goal consumer you wish to take away an administrative function from.
GitHub Enterprise
SCMKit.exe -s github -m removeadmin -c userName:password -u https://github.one thing.native -o targetUserName
SCMKit.exe -s github -m removeadmin -c apikey -u https://github.one thing.native -o targetUserName
GitLab Enterprise
SCMKit.exe -s gitlab -m removeadmin -c userName:password -u https://gitlab.one thing.native -o targetUserName
SCMKit.exe -s gitlab -m removeadmin -c apikey -u https://gitlab.one thing.native -o targetUserName
Bitbucket Server
Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket.
SCMKit.exe -s bitbucket -m removeadmin -c userName:password -u https://bitbucket.one thing.native -o targetUserName
Instance Output
C:>SCMKit.exe -s gitlab -m removeadmin -c username:password -u https://gitlab.hogwarts.native -o hgranger==================================================
Module: removeadmin
System: gitlab
Auth Sort: Username/Password
Choices: hgranger
Goal URL: https://gitlab.hogwarts.native
Timestamp: 1/14/2022 9:20:12 PM
==================================================
[+] SUCCESS: The hgranger consumer was efficiently faraway from the admin function.
Create Entry Token
Use Case
Create an entry token for use in a selected SCM system
Syntax
Present the createpat module, together with any related authentication info and URL. Moreover, present the goal consumer you wish to create an entry token for.
GitLab Enterprise
This will solely be carried out as an administrator. You’ll present the username that you just wish to create a PAT for.
SCMKit.exe -s gitlab -m createpat -c userName:password -u https://gitlab.one thing.native -o targetUserName
SCMKit.exe -s gitlab -m createpat -c apikey -u https://gitlab.one thing.native -o targetUserName
Bitbucket Server
Creates PAT for the present consumer authenticating as. In Bitbucket you can’t create a PAT for an additional consumer, whilst an admin. Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket. Be aware of the PAT ID that’s proven after being created. You have to this when you’ll want to take away the PAT sooner or later.
SCMKit.exe -s bitbucket -m createpat -c userName:password -u https://bitbucket.one thing.native
Instance Output
C:>SCMKit.exe -s gitlab -m createpat -c username:password -u https://gitlab.hogwarts.native -o hgranger==================================================
Module: createpat
System: gitlab
Auth Sort: Username/Password
Choices: hgranger
Goal URL: https://gitlab.hogwarts.native
Timestamp: 1/20/2022 1:51:23 PM
==================================================
ID | Title | Token
-----------------------------------------------------
59 | SCMKIT-AaCND | R3ySx_8HUn6UQ_6onETx
[+] SUCCESS: The hgranger consumer private entry token was efficiently added.
Listing Entry Tokens
Use Case
Listing entry tokens for a consumer on a selected SCM system
Syntax
Present the listpat module, together with any related authentication info and URL.
GitLab Enterprise
Solely requires admin if you wish to listing one other consumer’s PAT’s. A daily consumer can listing their very own PAT’s.
SCMKit.exe -s gitlab -m listpat -c userName:password -u https://gitlab.one thing.native -o targetUser
SCMKit.exe -s gitlab -m listpat -c apikey -u https://gitlab.one thing.native -o targetUser
Bitbucket Server
Listing entry tokens for present consumer. Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket.
SCMKit.exe -s bitbucket -m listpat -c userName:password -u https://bitbucket.one thing.native
Listing entry tokens for an additional consumer (requires admin). Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket.
SCMKit.exe -s bitbucket -m listpat -c userName:password -u https://bitbucket.one thing.native -o targetUser
Instance Output
C:>SCMKit.exe -s gitlab -m listpat -c username:password -u https://gitlab.hogwarts.native -o hgranger==================================================
Module: listpat
System: gitlab
Auth Sort: Username/Password
Choices: hgranger
Goal URL: https://gitlab.hogwarts.native
Timestamp: 1/20/2022 1:54:41 PM
==================================================
ID | Title | Lively? | Scopes
----------------------------------------------------------------------------------------------
59 | SCMKIT-AaCND | True | api, read_repository, write_repository
Take away Entry Token
Use Case
Take away an entry token for a consumer in a selected SCM system
Syntax
Present the removepat module, together with any related authentication info and URL. Moreover, present the goal consumer PAT ID you wish to take away an entry token for.
GitLab Enterprise
Solely requires admin if you wish to take away one other consumer’s PAT. A daily consumer can take away their very own PAT. You need to present the PAT ID to take away. This ID was proven everytime you created the PAT and in addition while you listed the PAT.
SCMKit.exe -s gitlab -m removepat -c userName:password -u https://gitlab.one thing.native -o patID
SCMKit.exe -s gitlab -m removepat -c apikey -u https://gitlab.one thing.native -o patID
Bitbucket Server
Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket. You need to present the PAT ID to take away. This ID was proven everytime you created the PAT.
SCMKit.exe -s bitbucket -m removepat -c userName:password -u https://bitbucket.one thing.native -o patID
Instance Output
C:>SCMKit.exe -s gitlab -m removepat -c apikey -u https://gitlab.hogwarts.native -o 58==================================================
Module: removepat
System: gitlab
Auth Sort: API Key
Choices: 59
Goal URL: https://gitlab.hogwarts.native
Timestamp: 1/20/2022 1:56:47 PM
==================================================
[*] INFO: Revoking private entry token of ID: 59
[+] SUCCESS: The private entry token of ID 59 was efficiently revoked.
Create SSH Key
Use Case
Create an SSH key for use in a selected SCM system
Syntax
Present the createsshkey module, together with any related authentication info and URL.
GitHub Enterprise
Creates SSH key for the present consumer authenticating as.
SCMKit.exe -s github -m createsshkey -c userName:password -u https://github.one thing.native -o "ssh public key"
SCMKit.exe -s github -m createsshkey -c apiToken -u https://github.one thing.native -o "ssh public key"
GitLab Enterprise
Creates SSH key for the present consumer authenticating as. Be aware of the SSH key ID that’s proven after being created. You have to this when you’ll want to take away the SSH key sooner or later.
SCMKit.exe -s gitlab -m createsshkey -c userName:password -u https://gitlab.one thing.native -o "ssh public key"
SCMKit.exe -s gitlab -m createsshkey -c apiToken -u https://gitlab.one thing.native -o "ssh public key"
Bitbucket Server
Creates SSH key for the present consumer authenticating as. Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket. Be aware of the SSH key ID that’s proven after being created. You have to this when you’ll want to take away the SSH key sooner or later.
SCMKit.exe -s bitbucket -m createsshkey -c userName:password -u https://bitbucket.one thing.native -o "ssh public key"
Instance Output
Use Case
Listing SSH keys for a consumer on a selected SCM system
Syntax
Present the listsshkey module, together with any related authentication info and URL.
GitHub Enterprise
Listing SSH keys for present consumer. It will embody SSH key ID’s, which is required while you would wish to take away an SSH key.
SCMKit.exe -s github -m listsshkey -c userName:password -u https://github.one thing.native
SCMKit.exe -s github -m listsshkey -c apiToken -u https://github.one thing.native
GitLab Enterprise
Listing SSH keys for present consumer.
SCMKit.exe -s gitlab -m listsshkey -c userName:password -u https://gitlab.one thing.native
SCMKit.exe -s gitlab -m listsshkey -c apiToken -u https://gitlab.one thing.native
Bitbucket Server
Listing SSH keys for present consumer. Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket.
SCMKit.exe -s bitbucket -m listsshkey -c userName:password -u https://bitbucket.one thing.native
Instance Output
C:>SCMKit.exe -s gitlab -m listsshkey -u http://gitlab.hogwarts.native -c apiToken==================================================
Module: listsshkey
System: gitlab
Auth Sort: API Key
Choices:
Goal URL: https://gitlab.hogwarts.native
Timestamp: 2/7/2022 4:09:40 PM
==================================================
SSH Key ID | SSH Key Worth | Title
---------------------------------------------------------------
9 | .....p50edigBAF4lipVZkAM= | SCMKIT-RLzie
10 | .....vGJLPGHiTwIxW9i+xAs= | SCMKIT-muFGU
Take away SSH Key
Use Case
Take away an SSH key for a consumer in a selected SCM system
Syntax
Present the removesshkey module, together with any related authentication info and URL. Moreover, present the goal consumer SSH key ID to take away.
GitHub Enterprise
You need to present the SSH key ID to take away. This ID was proven everytime you listing SSH keys.
SCMKit.exe -s github -m removesshkey -c userName:password -u https://github.one thing.native -o sshKeyID
SCMKit.exe -s github -m removesshkey -c apiToken -u https://github.one thing.native -o sshKeyID
GitLab Enterprise
You need to present the SSH key ID to take away. This ID was proven everytime you created the SSH key and can also be proven when itemizing SSH keys.
SCMKit.exe -s gitlab -m removesshkey -c userName:password -u https://gitlab.one thing.native -o sshKeyID
SCMKit.exe -s gitlab -m removesshkey -c apiToken -u https://gitlab.one thing.native -o sshKeyID
Bitbucket Server
Solely username/password auth is supported to carry out actions not associated to repos or initiatives in Bitbucket. You need to present the SSH key ID to take away. This ID was proven everytime you created the SSH key and can also be proven when itemizing SSH keys.
SCMKit.exe -s bitbucket -m removesshkey -c userName:password -u https://bitbucket.one thing.native -o sshKeyID
Instance Output
C:>SCMKit.exe -s bitbucket -m removesshkey -u http://bitbucket.hogwarts.native:7990 -c username:password -o 16==================================================
Module: removesshkey
System: bitbucket
Auth Sort: Username/Password
Choices: 16
Goal URL: http://bitbucket.hogwarts.native:7990
Timestamp: 2/7/2022 1:48:03 PM
==================================================
[+] SUCCESS: The SSH key of ID 16 was efficiently revoked.
Listing Admin Stats
Use Case
Listing admin stats in GitHub Enterprise
Syntax
Present the adminstats module, together with any related authentication info and URL. Website admin entry in GitHub Enterprise is required to make use of this module
GitHub Enterprise
SCMKit.exe -s github -m adminstats -c userName:password -u https://github.one thing.native
SCMKit.exe -s github -m adminstats -c apikey -u https://github.one thing.native
Instance Output
C:>SCMKit.exe -s github -m adminstats -c username:password -u https://github-enterprise.hogwarts.native==================================================
Module: adminstats
System: github
Auth Sort: Username/Password
Choices:
Goal URL: https://github-enterprise.hogwarts.native
Timestamp: 1/14/2022 9:45:50 PM
==================================================
Admin Customers | Suspended Customers | Whole Customers
------------------------------------------------------
1 | 0 | 5
Whole Repos | Whole Wikis
-----------------------------------
4 | 0
Whole Orgs | Whole Staff Members | Whole Groups
----------------------------------------------------------
1 | 0 | 0
Personal Gis ts | Public Gists
-----------------------------------
0 | 1
Listing Department Safety
Use Case
Listing department protections in GitHub Enterprise
Syntax
Present the safety module, together with any related authentication info and URL. Optionally, provide a string within the choices parameter to return matching outcomes contained in repo names
GitHub Enterprise
SCMKit.exe -s github -m safety -c userName:password -u https://github.one thing.native
SCMKit.exe -s github -m safety -c apikey -u https://github.one thing.native
SCMKit.exe -s github -m safety -c apikey -u https://github.one thing.native -o reponame
Instance Output
C:>.SCMKit.exe -u http://github.hogwarts.native -s github -c apiToken -m safety -o public-r==================================================
Module: safety
System: github
Auth Sort: API Key
Choices: public-r
Goal URL: http://github.hogwarts.native
Timestamp: 8/29/2022 2:02:42 PM
==================================================
Repo | Department | Safety
----------------------------------------------------------------------------------------------------------
public-repo | dev | Protected: True
Standing checks should cross earlier than merge:
Department should be up-to-date earlier than merge: True
Proprietor evaluation required earlier than merge: True
Approvals required earlier than merge: 2
Protections apply to repo admins: True
public-repo | primary | Protected: False
Detection
Beneath are static signatures for the precise utilization of this software in its default state:
- Undertaking GUID –
{266C644A-69B1-426B-A47C-1CF32B211F80} - Person Agent String –
SCMKIT-5dc493ada400c79dd318abbe770dac7c - Entry Token & SSH Key Names – Entry tokens and SSH keys which are created utilizing the software are prepended with
SCMKIT-for the identify.
For detection steering of the methods utilized by the software, see the X-Pressure Pink weblog put up.
References
- Bitbucket API Documentation
- Octokit Documentation
- GitHub API Documentation
- GitLab API Documentation
- GitLabApiClient Nuget Package deal Documentation
[*]
