This tool can scan websites with open
.git
repositories for Bug Hunting
/ Pentesting Purposes
and can dump the content of the .git
repositories from webservers that found from the scanning method. This tool works with the provided Single target or Mass Target from a file list.Installation
- git clone https://github.com/HightechSec/git-scanner
- cd git-scanner
- bash gitscanner.sh
or you can install in your system like this- git clone https://github.com/HightechSec/git-scanner
- cd git-scanner
- sudo cp gitscanner.sh /usr/bin/gitscanner && sudo chmod +x /usr/bin/gitscanner
- $ gitscanner
Usage
- Menu's
- Menu
1
is for scanning and dumping git repositories from a provided file that contains thelist of the target url
or a providedsingle target url
. - Menu
2
is for scanning only a git repositories from a provided file that contains thelist of the target url
or a providedsingle target url
. - Menu
3
is for Dumping only the git repositories from a provided file that containslist of the target url
or a providedsingle target url
. This will work for theMaybe Vuln
Results or sometimes with a repository that had directory listing disabled or maybe had a403 Error Response
. - Menu
4
is for Extracting files only from a Folder that had .git Repositories to a destination folder
- Menu
- URL Format
- Use
http://
likehttp://example.com
orhttps://
likehttps://example.com
for the url formatting - Make sure use this format in the files that contains the list of possible target that you have, Example:
- Use
- Extractor
- When using Extractor, make sure the location of the git repositories that you select are correct. Remember, The first option is for inputing the
Selected git repository
and the second option is for inputing theDestination folder
- When using Extractor, make sure the location of the git repositories that you select are correct. Remember, The first option is for inputing the
Requirements
- curl
- bash
- git
- sed
Todos
- Creating a
Docker Images
if it's possible Adding Extractor on the next VersionAdded in version 1.0.2#beta but still experimental.- Adding
Thread ProcessingMulti Processing (Bash doesn't Support Threading
)
Changelog
All notable changes to this project listed in this file
Credits
Thanks to:
via KitPloit
Related links
- Hacker Google
- Hacker Forum
- Pentesting And Ethical Hacking
- Pentest Companies
- Hacker Software
- Pentest Active Directory
- Hacker Lab
- Pentester Academy
- Hacking Gif
- How To Pentest A Network
- Hacking Site
- Pentest Windows 7
- Pentest Security
- Hacking Forums
- Hacking Jacket
- Hacking For Dummies
- Hacking Language
- Pentest Ios
- Pentest Report Generator
- Pentest Process
No comments:
Post a Comment