Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/HightechSec/git-scanner
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
https://github.com/HightechSec/git-scanner
bash bughunting git-dumper hacking-tools pentest-tool pentesting security-audit
Last synced: 2 months ago
JSON representation
A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
- Host: GitHub
- URL: https://github.com/HightechSec/git-scanner
- Owner: HightechSec
- License: mit
- Created: 2020-05-17T14:30:19.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2020-06-23T05:44:26.000Z (over 4 years ago)
- Last Synced: 2024-08-02T15:47:08.385Z (5 months ago)
- Topics: bash, bughunting, git-dumper, hacking-tools, pentest-tool, pentesting, security-audit
- Language: Shell
- Size: 1.11 MB
- Stars: 333
- Watchers: 10
- Forks: 89
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE.md
Awesome Lists containing this project
- awesome-hacking-lists - HightechSec/git-scanner - A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public (Shell)
README
# Git Scanner Framework
[](https://github.com/HightechSec/git-scanner/blob/master/LICENSE.md)
This tool can scan websites with open ```.git``` repositories for `Bug Hunting`/ `Pentesting Purposes` and can dump the content of the ```.git``` repositories from webservers that found from the scanning method. This tool works with the provided Single target or Mass Target from a file list.
## Installation
```
- git clone https://github.com/HightechSec/git-scanner
- cd git-scanner
- bash gitscanner.sh
```
or you can install in your system like this
```
- git clone https://github.com/HightechSec/git-scanner
- cd git-scanner
- sudo cp gitscanner.sh /usr/bin/gitscanner && sudo chmod +x /usr/bin/gitscanner
- $ gitscanner
```
## Usage
- Menu's
- Menu `1` is for scanning and dumping git repositories from a provided file that contains the `list of the target url` or a provided `single target url`.
- Menu `2` is for scanning only a git repositories from a provided file that contains the `list of the target url` or a provided `single target url`.
- Menu `3` is for Dumping only the git repositories from a provided file that contains `list of the target url` or a provided `single target url`. This will work for the `Maybe Vuln` Results or sometimes with a repository that had directory listing disabled or maybe had a `403 Error Response`.
- Menu `4` is for Extracting files only from a Folder that had .git Repositories to a destination folder
- URL Format
- Use ```http://``` like ```http://example.com``` or ```https://``` like ```https://example.com``` for the url formatting
- Make sure use this format in the files that contains the list of possible target that you have, Example:
- https://target.com
- http://hackerone.com
- https://bugcrowd.com
- Extractor
- When using Extractor, make sure the location of the git repositories that you select are correct. Remember, The first option is for inputing the `Selected git repository` and the second option is for inputing the `Destination folder`
## Requirements
* curl
* bash
* git
* sed
## Todos
- Creating a `Docker Images` if it's possible
- ~~Adding Extractor on the next Version~~ Added in version 1.0.2#beta but still experimental.
- Adding ~~Thread Processing~~ Multi Processing (`Bash doesn't Support Threading`)
## Changelog
All notable changes to this project listed in this [file](https://github.com/HightechSec/git-scanner/blob/master/CHANGELOG.md)
# Credits
Thanks to:
- [GitTools](https://github.com/internetwache/GitTools) by [internetwache](https://github.com/internetwache/)
- [Mass Git Scanner](https://github.com/Adelittle/Mass_Git_Scanner/) by [Ade Little](https://github.com/Adelittle/)