DotGit Enhanced

Detect exposed .git repositories, download objects, and extract source files — all in one click

DotGit Enhanced is a security research browser extension that automatically detects exposed version control directories and sensitive files on every website you visit. 🔍 WHAT IT DETECTS - Exposed .git/ repositories (validates HEAD content) - .svn/ Subversion databases (SQLite header check) - .hg/ Mercurial repositories (manifest detection) - .env files containing API keys, database credentials, and secrets - .DS_Store macOS metadata files that reveal directory structures - security.txt responsible disclosure policies (RFC 9116) 📦 ONE-CLICK DOWNLOAD & SOURCE EXTRACTION When an exposed .git repository is found, click the download button to: 1. Fetch Git objects using 50+ well-known paths and dynamic ref discovery 2. Detect directory listings for recursive crawling when available 3. Decompress all Git objects using zlib 4. Traverse commit → tree → blob chains to reconstruct actual source files 5. Deliver a ZIP containing both extracted source code AND raw .git data The resulting ZIP includes: - A source folder with reconstructed files (index.html, config files, scripts, etc.) - A raw .git folder for manual analysis with external tools - An ExtractionReport.txt documenting what was found, extracted, or failed - A DownloadStats.txt with HTTP status code breakdown 🛡️ INTELLIGENCE FEATURES - Open Source Detection — Reads .git/config to identify GitHub/GitLab remotes - security.txt Detection — Finds responsible disclosure contact information - Dynamic Ref Discovery — Scans downloaded files for branch names beyond static lists - Directory Listing Detection — Recursively crawls when server exposes file listings ⚙️ CONFIGURABLE - Toggle detection for each file type independently - Adjustable download concurrency, wait times, and failure thresholds - Hostname blacklist with wildcard support - Desktop notifications for new findings and download progress - Debug mode for troubleshooting 🎨 MODERN DARK UI - Stats dashboard with type-based breakdown - Color-coded badges for each finding type - Animated findings list with hover-reveal action buttons - Card-based settings with toggle switches ⚠️ IMPORTANT: This tool is designed for authorized security research and educational purposes only. Accessing systems without explicit permission is illegal in most jurisdictions. Always ensure proper authorization before investigating findings. All data is stored locally on your machine — nothing is sent to any external server. Built by Maor D. — Cyber Intelligence Researcher and author of "The Digital Hunter." Based on the original DotGit extension by davtur19, with discovery techniques inspired by git-dumper (Maxime Arthaud) and extraction concepts from GitTools (internetwache). GitHub: https://github.com/MaorDayanOfficial/DotGit-Enhanced