With constantly evolving technology and the influx of new platforms, cybersecurity is a big issue. It's important for users to trust your platform in order to for them to continue using it. We noticed a security issue in GitHub, an already well established platform, and wanted to see how we could spoof its security and once spoofed, how we can make it better for its users.
What it does
Git-break has 2 functions: defending and checking. With the defend feature, the tool works for you, the user. If the user feels that all of their hard work and time spent on their code may be at risk on GitHub, they can paste their repo into our tool and we will keep it on our radar and send you text notifications. If the user wants to test the security of other repos in GitHub, they can paste that specific repo path and use our check feature. We validate repos, identifying licenses and branches for ease of access and to enhance user experience.
How we built our project
We used various technologies to allow our project to come to life. We used python, go, css, and html for our backend coding. We used APIs like Twilio, and GitHub. Other technologies we used include nginx, make, systemd unit rules, and ufw.
Challenges we ran into
Not enough time to apply auth0 changes. And could use better templating scheme for some web pages. Twilio SMS text stuff.
Accomplishments that we're proud of
Most of our team is new to hacking, GirlHacks 2022 being our first hackathon, so we definitely learned a lot. Some of us had little experience with coding and even the GitHub platform itself, but we were able to do our research and work with each other to take our thoughts from the ideation phase to execution, accomplishing a unique tool as a result, which targets a serious issue.
What we learned
We learned how to creatively think outside of the box, how to code in new languages, and how to test features, in an agile manner.
What's next for git break
We hope to see Git-break thrive with these select features for GitHub and with time, have it to serve as a security tool extending to other platforms as well.