Updated Gitjacker tool allows identifying exposed .git folders

16
Updated Gitjacker tool allows identifying exposed git folders

Developers can use the new tool names Gitjacker to detect if they accidentally uploaded /.git folders online or have left sensitive data exposed for potential attacks. Liam Galvin, a British software engineer, developed the tool and is written in Go. The tool was made available on GitHub as a free download. The simplest version can scan a domain and allow users to detect the location of a /.git folder on the production systems.

Read More: Enhanced IT security with deception strategy

To put into proper context, developers should never upload /.git folders online. The folder has complete repository data like commit history, the real content of each repository file, and configuration.

Source: Zdnet