Repo Lookout is a large-scale security scanner, with a single purpose: Find source code repositories that have been inadvertently exposed to the public and report them to the domain’s technical contact.
Accidentally exposed source code repositories often contain highly sensitive information that can be used for downstream attacks, such as data leakage and ransomware extortion. While the problem has been known and extensively documented for years, our findings show that it is still prevalent.
Our goal is to combat this vulnerability by automatically detecting and reporting instances.
More information at: https://www.repo-lookout.org
This repository is used as a public issue tracker and to store additional information, such as mitigations for various server software.
At this point, the repository does not contain the source code for the actual crawler software.