Powerful Python tool for in-depth GitHub analysis, designed for multiple platforms and still in development.
Project description
EXC Analyzer
EXC Analyzer is a professional command-line tool for advanced GitHub repository intelligence, security auditing, and content analysis. Designed for security researchers, penetration testers, and open-source maintainers, it bridges the gap between simple metadata and deep, actionable insights.
Table of Contents
- Features
- Installation
- Authentication
- Quick Start
- Command Reference
- Output & Reports
- Localization
- Troubleshooting
- License
Features
- Intelligence Gathering: Deep-dive into repository metadata, contributor impact, and historical anomalies.
- Security Auditing: Score repository security posture, audit GitHub Actions workflows, and scan for secrets in commits/files.
- Dork Scanning: Powerfully search public code using GitHub dorks to find sensitive exposures.
- User Profiling: Analyze user activity patterns, potential anomalies, and contributions.
- Smart Rate-Limiting: Handles API quotas automatically with intelligent pausing and retries.
- Localization: Localization is currently available in English and Turkish, but the infrastructure is ready to expand to a wider range of languages through community contributions.
Installation
Kali Linux / Debian
Download the latest .deb from Releases and run:
sudo dpkg -i exc-analyzer_1.3.0-1_all.deb
sudo apt-get install -f # Fix dependencies if needed
Windows
pip install exc-analyzer
(Requires Python 3.7+)
Authentication
- Login:
exc login - Authorize: The tool will provide a code (and copy it to your clipboard). It will open your browser to GitHub activation.
- Ready: Paste the code, approve the permissions, and you are done!
The token behaves like a standard GitHub App connection and is stored securely in your OS credential manager.
Quick Start
1. Analyze a Repository:
exc analysis torvalds/linux
2. Search for Sensitive Data (Dorks) (User's responsibility):
exc dork-scan "filename:config.php 'db_password'"
3. Scan for Secrets:
exc scan-secrets microsoft/vscode -l 20
Information Gathering
analysis <owner>/<repo>- Get a comprehensive overview of repository health, stats, and top contributors.user-a <username>- Analyze public profile, top languages, and activity summary.contrib-impact <owner>/<repo>- Calculate impact scores for individual contributors to identify key maintainers.file-history <owner>/<repo> <path>- View granular commit history for a specific file.
Security & Auditing
security-score <owner>/<repo>- Evaluate repository security (branch protection, code scanning, security policies).actions-audit <owner>/<repo>- Audit GitHub Actions workflows for dangerous triggers and insecure practices.scan-secrets <owner>/<repo>- Fast scan of recent commits for credentials and tokens.advanced-secrets <owner>/<repo>- Deep scan of current file contents and history for high-entropy secrets.dork-scan <query>- Search GitHub for sensitive sensitive code patterns (dorks). Supports export.
Anomaly Detection
commit-anomaly <owner>/<repo>- Detect suspicious commit times, mass deletions, or unusual messages.user-anomaly <username>- Identify irregular activity spikes or behavioral outliers for a user.
Content Audit
content-audit <owner>/<repo>- Check for essential community standards (LICENSE, CODE_OF_CONDUCT, CONTRIBUTING.md).
Utilities
login- Log in with your GitHub account to start analyzing.logout- Log out from your GitHub account.
Output & Reports
Most commands support the -o or --output flag to save results to a file:
# Save to a generated filename (e.g., analysis_owner_repo_date.txt)
exc analysis owner/repo -o
# Save to a specific file
exc dork-scan "password" -o results.txt
Localization
Switch languages dynamically using --lang or the environment variable:
- English (Default):
exc --lang en analysis owner/repo - Turkish:
exc --lang tr analysis owner/repo
(Selection is remembered for future commands.)
Troubleshooting
- Rate Limits: If you hit API limits, the tool will automatically pause and retry. Using an authenticated token (
exc login) increases your quota significantly. - Colors: If output looks strange, ensure your terminal supports ANSI colors.
License
MIT License. See LICENSE file for details.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file exc_analyzer-1.3.1.tar.gz.
File metadata
- Download URL: exc_analyzer-1.3.1.tar.gz
- Upload date:
- Size: 180.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d206c46eaf15b0d75adfd8f8952e22f7fb36646dfc2ce810b38ea296c8479fd9
|
|
| MD5 |
e456707ac3c15926d5a8673d14ebe457
|
|
| BLAKE2b-256 |
661358a95f7b9583d791c8f6e78577129ea3e1875e0200cf84f0e5317ff1a4e8
|
File details
Details for the file exc_analyzer-1.3.1-py3-none-any.whl.
File metadata
- Download URL: exc_analyzer-1.3.1-py3-none-any.whl
- Upload date:
- Size: 190.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fdfc1cb30d8e029d1e315d9d08ac3f620b7bc7b3ef4f14e0c7d870b5960e0724
|
|
| MD5 |
7b9c5224b0c165b891a69462921abd2a
|
|
| BLAKE2b-256 |
0ff7cc86951fa4bab34377932e25274106ab7cb0830187739815eae1cfaa2e91
|
