2 million .git directories exposed! Why .git folders are sensitive & how they are leaked publicly скачать в хорошем качестве

2 million .git directories exposed! Why .git folders are sensitive & how they are leaked publicly

In this video, we look through research by CyberNews and other independent researchers that exposes the huge problem of publicly accessible .git directories hosted on web servers. These folders contain all the metadata from a git repository including all the history, commit data and remote host information. These can contain lots of sensitive information that hackers can use to exploit your website and are often very sensitive. We look in detail at what .git directories are, what sensitive information they contain and how they become accidentally public. Links: CyberNews research - https://cybernews.com/security/millio... SDCat Research -   / sdcat   Indian gov breach - https://blog.gitguardian.com/indian-g... Tools GGShield, detect secrets in git - https://github.com/GitGuardian/ggshield Amass, In-depth Attack Surface Mapping and Asset Discovery https://github.com/OWASP/Amass DirSearch, Web path scanner - https://github.com/maurosoria/dirsearch GitJacker - https://github.com/liamg/gitjacker Intro 0:00 What are .git directories 0:44 Why are .git directories sensitive 0:37 How are .git folders get exposed 4:30