GitTools is a collection of three specialized tools designed for extracting and analyzing information from exposed .git repositories on websites. The toolkit includes: - GitTools: Extracts information from .git repositories - GitDumper: Downloads and reconstructs the complete contents of a .git repository - GitScanner: Scans .git repositories to identify sensitive information such as credentials, API keys, and other confidential data These tools are commonly used during penetration testing and security assessments to identify information disclosure vulnerabilities when .git directories are accidentally exposed on web servers. The tools can help security professionals discover source code, configuration files, commit history, and potentially sensitive data that should not be publicly accessible.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
SharpEDRChecker scans system components to detect security products and tools.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
PyBOF is a Python library that enables in-memory loading and execution of Beacon Object Files (BOFs) with support for argument passing and function targeting.
A suite of tools for Wi-Fi network security assessment and penetration testing.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.