Bitbucket
Bitbucket is Atlassian’s code hosting platform, heavily adopted by enterprises and agile development teams that integrate with Jira, Confluence, and other Atlassian tools. While it is often used for private repositories, exposures here can be just as dangerous, especially if sensitive credentials or system access tokens are committed.
GitScan extends its scanning power to Bitbucket, applying the same visibility and detection logic as with GitHub. This ensures your organization’s intellectual property is protected across both platforms.
Platform Selection
On the top-right side of the GitScan interface, you have the option to choose between GitHub and Bitbucket.
By selecting GitHub, the system will display all repositories, commits, and code files associated with your GitHub environment.
Choosing Bitbucket works the same way but focuses only on Bitbucket-hosted projects.
Code Exposure Dashboard
Beneath the header, the dashboard highlights the core indicators of your GitHub exposure:
Code
Total number of source code files discovered. Clicking this opens a detailed list of cards showing each file with its name, path, and repository details.
Repositories
Displays all repositories tied to your organization. Selecting this provides cards with repository names, owners, and descriptions, giving you full visibility of where your code lives.
Issues / Pull Request
Shows the number of tracked GitHub issues or pull requests.
Users
Highlights contributors and developers associated with your repositories.
Commits
Displays all code changes detected. Clicking this reveals commit details such as the author, timestamp, and commit message, allowing you to trace exactly when and how sensitive data was introduced.
Each metric is clickable, giving you a structured drill-down into every detail. This is where the system’s strength really shines: instead of overwhelming you with raw data, it organizes and contextualizes exposures into actionable intelligence.
Platform Selection (GitHub / Bitbucket)
No matter which platform you select, the details displayed below (cards) follow the same structure. This ensures a consistent experience whether your source code is stored in GitHub or Bitbucket, giving your team unified visibility and control across platforms.
Detailed Results View
When you click on any metric (Code, Repositories, Issues / Pull Requests, Users, or Commits), GitScan presents the results as cards listed below. Each card provides structured, actionable details about the discovered repository or file.
Every card typically contains the following fields:
Repository Title & Description
The official repository name along with a short description, helping you quickly identify the project’s purpose.
Direct Repository Link
At the top of each card, the repository title (e.g., falcon) is displayed as a clickable link. Clicking this link takes you directly to the repository on the platform (GitHub or Bitbucket).
Name & Path
Displays the exact file name and its directory path inside the repository, so you can locate sensitive files with precision.
Repository Information
Includes the repository name, its owner (if available), and any description metadata. This ensures you know exactly which repository the file belongs to.
Author Information
Provides details about the author of the commit or file, including author name, commit date, and email address (if available). This is crucial for tracking accountability and auditing changes.
Why This Is Strong
What makes this system powerful is not just listing files or repositories, but connecting the dots:
You instantly see which code file contains the exposure,
where exactly it is stored (repository + path),
and who introduced it (author + commit details).
This level of visibility ensures no hidden risks remain unnoticed. Every commit, every contributor, and every repository is fully monitored in real time across both GitHub and Bitbucket.