DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories.
The tool will flag the matches for potentially sensitive files like credentials, secret keys, tokens, etc which have been accidentally uploaded by the developers. DumpTheGit just requires your Github Access Token to fetch the information.
- Download the DumpTheGit repository into your system: git clone https://github.com/Securityautomation/DumpTheGit.git
- Move the repository’s file in your webserver(example: Tomcat, XAMPP, LAMP, default(MAC apache), etc.)
- Open the index.html to access the tool.
The post [Blackhat Europe tool] DumpTheGit: find sensitive information uploaded to the Github repositories appeared first on Penetration Testing.