Single username flow
The tool keeps the public experience simple: one GitHub username, one scan action, one readable report. Usernames are validated before the backend scanner is queried.
ShadowProfile
GitHub exposure audit for public identities
Enter a GitHub username to generate a fast defensive exposure scorecard across public repositories, gists, risky file paths, metadata signals, and secret-like indicators. ShadowProfile reviews public GitHub data only and returns a masked, attacker-view summary for defensive self-review.
Public GitHub Data
Repository Signals
Gist Review
Metadata Exposure
Masked Evidence
Run GitHub exposure audit
Public data only. ShadowProfile reviews public GitHub profile, repository, gist, and file-path signals. It does not access private repositories and evidence is masked before display.
Preparing public GitHub exposure report…
Attacker-view summary
Findings requiring review
Recommended next steps
Scanner capability
Live public GitHub exposure review
ShadowProfile queries public GitHub profile, repository, gist, and file-path data through a protected backend service. Results are scored, summarised, and returned with masked evidence so users can review their public developer footprint safely.
Scorecard and findings
The UI displays score, risk level, repository count, gist count, finding severity, masked evidence, and practical remediation guidance returned by the live scanner.
Powered by API Gateway and Lambda
The frontend calls a protected backend endpoint that collects public GitHub data, applies lightweight exposure checks, and returns a frontend-ready JSON scorecard.
Turn a public scorecard into a deeper exposure review
ShadowProfile can become the lightweight entry point for developer exposure awareness, public GitHub hygiene checks, and future NOMADITECH exposure intelligence services.