search
githubEdit

Exposed Github Repositories Dumping

hashtag
Tools: Directory fuzzer tools (Feroxbuster, gobuster, dirbouster, etc...) and GitTools: https://github.com/internetwache/GitTools

hashtag
Wordlist used: /usr/share/seclists/Discovery/Web-Content/common.txt (Other standard wordlists might NOT detect the .git exposed folder)

hashtag
Steps:

feroxbuster -u http://DOMAIN.LOCAL -w /usr/share/seclists/Discovery/Web-Content/common.txt

hashtag
If an exposed .git folder is found, then we use the git tools to dump the entire repository to search for sensitive data and source code review

git-dumper.sh http://DOMAIN.LOCAL/.git/ /home/user/Desktop/repo

hashtag
Then, if we want to check for commits that we might find some sort of credentials and important information, go to the directory where the .git folder is located

/path/to/extractor.sh /home/user/Desktop/repo /home/user/Desktop/repodump

git log (Gets all commits in the repository)

git show COMMIT_NUMBER (See the specific commit in detail)
PreviousDirectory Path TraversalNextFastCGI

Last updated