Awesome
DotGit
An extension for checking if .git is exposed in visited websites
Features
- Check if a .git/.svn/.hg folder exists for each site you visit
- Check if a .env file exists for each site you visit
- Check if a .DS_Store file exists for each site you visit
- Check if the site is open source (github/gitlab)
- Check if the site has security.txt
- You will be notified when a folder is found
- List of exposed sites found
- Download the entire .git folder in zip format, even if the files are not listed on the site
- View .git/config with one click
- Options for: colors, notifications and downloads
Some checks are turned off by default, open the settings to turn them on
How the download works
There is a queue for downloads, with a maximum of simultaneous connections; if this number is exceeded, subsequent files are put on wait for X ms multiplied by the number of downloads already pending; the result of the multiplication cannot exceed the maximum wait
More info here
Note:
- Downloading is an extra feature to DotGit, it is not meant to download large repositories (there are limits to the memory usable by extensions, and DotGit does everything in RAM)
- Changing the download settings is recommended as by default the values are kept low to avoid problems for those who do not have a good connection or a good CPU, however too high values could freeze the browser even on powerful computers
- By default, svn, mercurial and dotenv are disabled, to activate them just go to settings and turn them on