readme,images: add images to repo and adjust links in readme to not r…

…ely on external image source (eth0izzle#52)

.dockerignore

@@ -1,4 +1,5 @@
 Dockerfile
 LICENSE
 README.md
-config.yaml
+config.yaml
+images/

README.md

@@ -2,10 +2,7 @@
 
 **Shhgit finds secrets and sensitive files across GitHub code and Gists committed in *near* real time by listening to the [GitHub Events API](https://developer.github.com/v3/activity/events/).**
 
-<p align="center">
-<img src="https://www.darkport.co.uk/assets/img/shhgit.png" alt="shhgit" width="200" />
-</p>
-
+![shhgit](images/shhgit.png)
 ## **[NEW: LIVE VERSION. Find GitHub secrets straight from your browser!](https://shhgit.darkport.co.uk)**
 
 Finding secrets in GitHub is nothing new. There are many great tools available to help with this depending on which side of the fence you sit. On the adversarial side, popular tools such as <a href="https://github.com/michenriksen/gitrob">gitrob</a> and <a href="https://github.com/dxa4481/truffleHog">truggleHog</a> focus on digging in to commit history to find secret tokens from specific repositories, users or organisations. On the defensive side, GitHub themselves are actively scanning for secrets through their [token scanning](https://help.github.com/en/articles/about-token-scanning) project. Their objective is to identify secret tokens within committed code in real-time and notify the service provider to action. So in theory if any AWS secret keys are committed to GitHub, Amazon will be notified and automatically revoke them.
@@ -14,8 +11,9 @@ I developed shhgit to raise awareness and bring to life the prevalence of this i
 
 **With some tweaking of the signatures shhgit would make an awesome addition to your bug bounty toolkit.**
 
-<img src="https://www.darkport.co.uk/assets/img/shhgit-example.png" alt="shhgit" />
-<img src="https://www.darkport.co.uk/assets/img/shhgit-live-example.png" alt="shhgit live!" />
+
+![shhgit](images/shhgit-example.png)
+![shhgit live!](images/shhgit-live-example.png)
 
 ## Run from Docker