This tool can scan websites with open .git repositories for Bug Hunting/ Pentesting Purposes and can dump the content of the .git repositories from webservers that found from the scanning method. This tool works with the provided Single target or Mass Target from a file list. Installation: - git clone https://github.com/HightechSec/git-scanner - cd git-scanner - bash gitscanner.sh Or you can install in your system like this: - git clone https://github.com/HightechSec/git-scanner - cd git-scanner - sudo cp gitscanner.sh /usr/bin/gitscanner && sudo chmod +x /usr/bin/gitscanner - $ gitscanner Usage Menu's: - Menu 1 is for scanning and dumping git repositories from a provided file that contains the list of the target URL or a provided single target URL. - Menu 2 is for scanning only git repositories from a provided file that contains the list of the target URL or a provided single target URL. - Menu 3 is for dumping only the git repositories from a provided file that contains a list of the target URL or a provided single target URL. This will work for the Maybe Vuln Results or sometimes with a repository that had directory listing disabled or maybe had a 403 Error Response.
FEATURES
ALTERNATIVES
Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.
Linux privilege escalation auditing tool for detecting security deficiencies in Linux kernels.
Open source security auditing tool to search and dump system configuration.
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.
A JavaScript scanner built in PHP for scraping URLs and other information.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.

Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.

Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.