Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/liamg/gitjacker
🔪 :octocat: Leak git repositories from misconfigured websites
https://github.com/liamg/gitjacker
git hacking penetration-testing pentesting red-team
Last synced: 4 days ago
JSON representation
🔪 :octocat: Leak git repositories from misconfigured websites
- Host: GitHub
- URL: https://github.com/liamg/gitjacker
- Owner: liamg
- License: unlicense
- Created: 2020-09-23T18:33:08.000Z (about 4 years ago)
- Default Branch: master
- Last Pushed: 2022-12-23T13:31:12.000Z (almost 2 years ago)
- Last Synced: 2024-11-30T18:02:47.497Z (11 days ago)
- Topics: git, hacking, penetration-testing, pentesting, red-team
- Language: Go
- Homepage:
- Size: 1.61 MB
- Stars: 1,554
- Watchers: 45
- Forks: 121
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-bugbounty-tools - gitjacker - Leak git repositories from misconfigured websites (Miscellaneous / Git)
- jimsghstars - liamg/gitjacker - 🔪 :octocat: Leak git repositories from misconfigured websites (Go)
- awesome-list - gitjacker
- awesome-hacking-lists - liamg/gitjacker - 🔪 :octocat: Leak git repositories from misconfigured websites (Go)
README
# gitjacker
[![Travis Build Status](https://travis-ci.org/liamg/gitjacker.svg?branch=master)](https://travis-ci.org/liamg/gitjacker)
Gitjacker downloads git repositories and extracts their contents from sites where the `.git` directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled.
For educational/penetration testing use only.
More information at [https://liam-galvin.co.uk/security/2020/09/26/leaking-git-repos-from-misconfigured-sites.html](https://liam-galvin.co.uk/security/2020/09/26/leaking-git-repos-from-misconfigured-sites.html)
![Demo Gif](demo.gif)
## Installation
```bash
curl -s "https://raw.githubusercontent.com/liamg/gitjacker/master/scripts/install.sh" | bash
```...or grab a [precompiled binary](https://github.com/liamg/gitjacker/releases).
You will need to have `git` installed to use Gitjacker.
## In The News
- 20/06/21: [Console 58](https://console.substack.com/p/console-58) - Awesome newsletter featuring tools and beta releases for developers.
- 19/10/20: [ZDNet Article](https://www.zdnet.com/article/new-gitjacker-tool-lets-you-find-git-folders-exposed-online/) - *New Gitjacker tool lets you find .git folders exposed online*