Skip to content

🔪 :octocat: Leak git repositories from misconfigured websites

License

Notifications You must be signed in to change notification settings

liamg/gitjacker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

gitjacker

Travis Build Status

Gitjacker downloads git repositories and extracts their contents from sites where the .git directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled.

For educational/penetration testing use only.

More information at https://liam-galvin.co.uk/security/2020/09/26/leaking-git-repos-from-misconfigured-sites.html

Demo Gif

Installation

curl -s "https://raw.githubusercontent.com/liamg/gitjacker/master/scripts/install.sh" | bash

...or grab a precompiled binary.

You will need to have git installed to use Gitjacker.

In The News

  • 20/06/21: Console 58 - Awesome newsletter featuring tools and beta releases for developers.
  • 19/10/20: ZDNet Article - New Gitjacker tool lets you find .git folders exposed online