This tool can scan websites with open .git repositories for Bug Hunting/ Pen testing Purposes and can dump the content of the .git repositories from web-servers that found from the scanning method. This tool works with the provided Single target or Mass Target from a file list.
Demo
Installation of the tool
git clone https://github.com/HightechSec/git-scanner
cd git-scanner
bash gitscanner.sh
Usage of the tool
Menu's
-
Menu 1 is for scanning and dumping git repositories from a provided file that contains the list of the target url or a provided single target url.
-
Menu 2 is for scanning only a git repositories from a provided file that contains the list of the target url or a provided single target url.
-
Menu 3 is for Dumping only the git repositories from a provided file that contains list of the target url or a provided single target url. This will work for the Maybe Vuln Results or sometimes with a repository that had directory listing disabled or maybe had a 403 Error Response.
-
Menu 4 is for Extracting files only from a Folder that had .git Repositories to a destination folder
URL Format
Use http:// like http://example.com or https:// like https://example.com for the url formatting
Requirements of the tool
-
curl
-
bash
-
git
-
Sed