Scanning an Entire GitHub Organization for Leaked Secrets
Most organizations have more GitHub surface area than they think: active services, abandoned repositories, internal tooling, forks, experiments, and projects inherited through acquisitions. A credential leaked in a five-year-old archived repo can still be live today.
Kingfisher can enumerate every repository in a GitHub organization, scan the full git history, and then validate which credentials are still live so you can focus on what needs rotation first.