Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/liamg/gitjacker

🔪 :octocat: Leak git repositories from misconfigured websites
https://github.com/liamg/gitjacker

git hacking penetration-testing pentesting red-team

Last synced: 4 days ago
JSON representation

🔪 :octocat: Leak git repositories from misconfigured websites

Awesome Lists containing this project

README

        

# gitjacker

[![Travis Build Status](https://travis-ci.org/liamg/gitjacker.svg?branch=master)](https://travis-ci.org/liamg/gitjacker)

Gitjacker downloads git repositories and extracts their contents from sites where the `.git` directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled.

For educational/penetration testing use only.

More information at [https://liam-galvin.co.uk/security/2020/09/26/leaking-git-repos-from-misconfigured-sites.html](https://liam-galvin.co.uk/security/2020/09/26/leaking-git-repos-from-misconfigured-sites.html)

![Demo Gif](demo.gif)

## Installation

```bash
curl -s "https://raw.githubusercontent.com/liamg/gitjacker/master/scripts/install.sh" | bash
```

...or grab a [precompiled binary](https://github.com/liamg/gitjacker/releases).

You will need to have `git` installed to use Gitjacker.

## In The News
- 20/06/21: [Console 58](https://console.substack.com/p/console-58) - Awesome newsletter featuring tools and beta releases for developers.
- 19/10/20: [ZDNet Article](https://www.zdnet.com/article/new-gitjacker-tool-lets-you-find-git-folders-exposed-online/) - *New Gitjacker tool lets you find .git folders exposed online*