DotGit
Item logo image for DotGit

DotGit

Featured
5.0(

8 ratings

)
Item media 1 screenshot
Item media 2 screenshot

Overview

An extension for checking if .git is exposed in visited websites

An extension for checking if .git is exposed in visited websites - Check if a .git/.svn/.hg folder exists for each site you visit - Check if a .env file exists for each site you visit - Check if the site is open source (github/gitlab) - Check if the site has security.txt - You will be notified when a folder is found - List of exposed sites found - Download the entire .git folder in zip format, even if the files are not listed on the site - View .git/config with one click - Options for: colors, notifications and downloads Some checks are turned off by default, open the settings to turn them on Source code: https://github.com/davtur19/DotGit

5 out of 58 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Max ZAug 28, 2023

Love it, but it does not seem to work with the latest chrome version (Popup seems compressed and unreadable)

Replier's profile picture

DavideDeveloperAug 28, 2023

It has been fixed in version 4.7 https://github.com/davtur19/DotGit/issues/13

Review's profile picture

Chris PosadaJan 23, 2023

This is an awesome extension. A++

1 person found this review to be helpful
Review's profile picture

TezaRockNov 29, 2022

It's an amazing tool, I have one question. I have list of URLs on whcih I need to run this tool. Please let me know how can I pass all URL to test ? Is there CLI tool? Please advise. Thanks.

2 out of 2 people found this helpful
Replier's profile picture

DavideDeveloperNov 29, 2022

You can do this in two ways: 1) Open the links in the browser, https://stackoverflow.com/questions/38147620/shell-script-to-open-a-url 2) Use another CLI tool, https://github.com/internetwache/GitTools

Details

  • Version
    4.8
  • Updated
    September 20, 2023
  • Offered by
    davtur19
  • Size
    145KiB
  • Languages
    English
  • Developer
    Email
    dav.tur19@gmail.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

Related

Hack-Tools

4.7(19)

The all in one Red team extension for web pentester

HackBar

4.2(48)

A browser extension for Penetration Testing

Bishop Vulnerability Scanner

3.8(12)

Search websites for git repos, exposed config files, and more as you browse.

retire.js

4.9(8)

Scanning website for vulnerable js libraries

Wappalyzer - Technology profiler

4.6(1.9K)

Identify web technologies

Shodan

4.5(132)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

OWASP Penetration Testing Kit

4.9(42)

OWASP Penetration Testing Kit

Trufflehog

5.0(5)

Sniffing out credentials

Check for .git directory existence

0.0(0)

This extension will check for an existing .git directory on your site, which is a big security leak.

XSS

5.0(7)

Web Development tool

Vulners Web Scanner

4.5(19)

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

CounterXSS

5.0(1)

An Extension to counter XSS attack!

Hack-Tools

4.7(19)

The all in one Red team extension for web pentester

HackBar

4.2(48)

A browser extension for Penetration Testing

Bishop Vulnerability Scanner

3.8(12)

Search websites for git repos, exposed config files, and more as you browse.

retire.js

4.9(8)

Scanning website for vulnerable js libraries

Wappalyzer - Technology profiler

4.6(1.9K)

Identify web technologies

Shodan

4.5(132)

The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.

OWASP Penetration Testing Kit

4.9(42)

OWASP Penetration Testing Kit

Trufflehog

5.0(5)

Sniffing out credentials

Google apps