Gitjacker downloads git repositories and extracts their contents from sites where the .git
directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled.
For educational/penetration testing use only.
More information at https://liam-galvin.co.uk/security/2020/09/26/leaking-git-repos-from-misconfigured-sites.html
![](https://1.bp.blogspot.com/-BKKjsWh08U0/X5ALc-ls8eI/AAAAAAAAH0I/QQxvMlY67swed95CBik4EuwuNcigUdejgCLcBGAsYHQ/s928/gitjacker.gif)
Installation
curl -s “https://raw.githubusercontent.com/liamg/gitjacker/master/scripts/install.sh” | bash
…or grab a precompiled binary.
You will need to have git
installed to use Gitjacker.