This repository contains three small python/bash scripts used for the Git research. Read about it here
You can use this tool to find websites with their .git repository available to the public
This python script identifies websites with publicly accessible
.git repositories. It checks if the
.git/HEAD file contains
$ ./gitfinder.py -h
# Finder is part of https://github.com/internetwache/GitTools
# Developed and maintained by @gehaxelt from @internetwache
# Use at your own risk. Usage might be illegal in certain circumstances.
# Only for educational purposes!
usage: gitfinder.py [-h] [-i INPUTFILE] [-o OUTPUTFILE] [-t THREADS]
-h, --help show this help message and exit
-i INPUTFILE, --inputfile INPUTFILE
-o OUTPUTFILE, --outputfile OUTPUTFILE
-t THREADS, --threads THREADS
The input file should contain the targets one per line. The script will output discovered domains in the form of
[*] Found: DOMAIN to stdout.
Scanning Alexa’s Top 1M
sed -i.bak 's/.*,//' top-1m.csv
./gitfinder.py -i top-1m.csv
This tool can be used to download as much as possible from the found .git repository from webservers which do not have directory listing enabled.
$ ./gitdumper.sh -h
[*] USAGE: http://target.tld/.git/ dest-dir [--git-dir=otherdir]
--git-dir=otherdir Change the git folder name. Default: .git
Note: This tool has no 100% guaranty to completely recover the .git repository. Especially if the repository has been compressed into
pack-files, it may fail.
A small bash script to extract commits and their content from a broken repository.
This script tries to recover incomplete git repositories:
- Iterate through all commit-objects of a repository
- Try to restore the contents of the commit
- Commits are not sorted by date
$ ./extractor.sh /tmp/mygitrepo /tmp/mygitrepodump
/tmp/mygitrepo contains a
/tmp/mygitrepodump is the destination directory
This can be used in combination with the
Git Dumper in case the downloaded repository is incomplete.
Here’s a small demo of the Dumper tool:
- Python 3+
All tools are licensed using the MIT license. See LICENSE.md
This content has been shared for Educational And Non-Profit Purpose ONLY