Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/liamg/gitjacker

🔪 :octocat: Leak git repositories from misconfigured websites
https://github.com/liamg/gitjacker

git hacking penetration-testing pentesting red-team

Last synced: about 1 month ago
JSON representation

🔪 :octocat: Leak git repositories from misconfigured websites

Host: GitHub
URL: https://github.com/liamg/gitjacker
Owner: liamg
License: unlicense
Created: 2020-09-23T18:33:08.000Z (over 3 years ago)
Default Branch: master
Last Pushed: 2022-12-23T13:31:12.000Z (over 1 year ago)
Last Synced: 2024-05-02T00:55:28.614Z (about 2 months ago)
Topics: git, hacking, penetration-testing, pentesting, red-team
Language: Go
Homepage:
Size: 1.61 MB
Stars: 1,532
Watchers: 45
Forks: 121
Open Issues: 10
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE

Lists

awesome-list - gitjacker
awesome-bugbounty-tools - gitjacker - Leak git repositories from misconfigured websites (Miscellaneous / Git)
awesome-bugbounty-tools - gitjacker - Leak git repositories from misconfigured websites (Miscellaneous / Git)
awesome-stars - gitjacker
awesome-stars - liamg/gitjacker - 🔪 :octocat: Leak git repositories from misconfigured websites (Go)
awesome-bugbounty-tools - gitjacker - Leak git repositories from misconfigured websites (Miscellaneous / Git)
awesome-bugbounty-tools - gitjacker - Leak git repositories from misconfigured websites (Miscellaneous / Git)
jimsghstars - liamg/gitjacker - 🔪 :octocat: Leak git repositories from misconfigured websites (Go)
awesome-hacking-lists - gitjacker - 🔪 :octocat: Leak git repositories from misconfigured websites (Go)
awesome-hacking-lists - gitjacker - 🔪 :octocat: Leak git repositories from misconfigured websites (Go (531))
awesome - gitjacker - 🔪 :octocat: Leak git repositories from misconfigured websites (Go)
awesome-hacking-lists - liamg/gitjacker - 🔪 :octocat: Leak git repositories from misconfigured websites (Go)

README

# gitjacker

[![Travis Build Status](https://travis-ci.org/liamg/gitjacker.svg?branch=master)](https://travis-ci.org/liamg/gitjacker)

Gitjacker downloads git repositories and extracts their contents from sites where the `.git` directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled.

For educational/penetration testing use only.

More information at [https://liam-galvin.co.uk/security/2020/09/26/leaking-git-repos-from-misconfigured-sites.html](https://liam-galvin.co.uk/security/2020/09/26/leaking-git-repos-from-misconfigured-sites.html)

![Demo Gif](demo.gif)

## Installation

```bash
curl -s "https://raw.githubusercontent.com/liamg/gitjacker/master/scripts/install.sh" | bash
```

...or grab a [precompiled binary](https://github.com/liamg/gitjacker/releases).

You will need to have `git` installed to use Gitjacker.

## In The News
- 20/06/21: [Console 58](https://console.substack.com/p/console-58) - Awesome newsletter featuring tools and beta releases for developers.
- 19/10/20: [ZDNet Article](https://www.zdnet.com/article/new-gitjacker-tool-lets-you-find-git-folders-exposed-online/) - *New Gitjacker tool lets you find .git folders exposed online*