The Latest Infosec News, Tools, and Exploits – Got Root?
Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. Join The Slack Have questions? Feedback? Jump in slack and hang out with me […]
Gitjacker downloads git repositories and extracts their contents from sites where the .git directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are […]
GitDump dumps source code from website/.git directory when directory traversal is disabled. How it works: [su_quote] [*]Fetch all common files (.git/index, .git/HEAD, .git/ORIG_HEAD, etc.). [*]Find as many objects (sha1) as possible by analyzing .git/packed-refs, .git/index, […]
Gentoo released a statement today in regards to their Github being compromised. They advise for now that all Gentoo code hosted on Github should be treated as compromised code, but not that from the Gentoo […]
On Tuesday the code repository GitHub contacted a number of users to warn that their passwords had been stored in plain text within internal logs due a flaw in their password reset system. According to […]
