Skip to content
AIR Knowledge Base

Github Desktop Databases

Overview

Section titled “Overview”

Evidence: Github Desktop Databases
Description: Collect Github Desktop Databases
Category: Applications
Platform: windows
Short Name: gtdb
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes

Background

Section titled “Background”

GitHub Desktop and GitHub Visual Studio extension store repository information, commit history, and connection details in database files. These databases track local repositories, GitHub accounts, and synchronization state.

Data Collected

Section titled “Data Collected”

This collector gathers structured data about github desktop databases.

Collection Method

Section titled “Collection Method”

This collector gathers GitHub Desktop database directories, GitHub Visual Studio database files, and connection files from Roaming and Local directories.

Forensic Value

Section titled “Forensic Value”

GitHub databases reveal accessed repositories, cloned projects, commit activity, and GitHub accounts. This is valuable for identifying intellectual property theft, leaked credentials in commits, and unauthorized repository access.