Redteam Tip - Google dork for .git folder exposure
As part of OSINT/recon activity to identify sensitive information about a specific organisation or website, most security engineers use Google dorks. This article covers a dork that identifies vulnerable websites which expose .git folders on their web servers.
Google Dork - .git folder exposure:
Google Dork:
intext:"index of /.git" "parent directory"
Defending web servers against .git folder exposure (Apache configuration):
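# Deny all access to any directory whose path matches \.git (Apache 2.2 syntax;
# Apache 2.4 needs mod_access_compat for it, the native form is "Require all denied")
<Directory ~ "\.git">
Order deny,allow
Deny from all
</Directory>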
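To confirm the deny rule above is in effect, the access log can be checked for requests to .git paths that the server still answered. The following is an added example, not part of the original article; the function name `audit_git_requests`, the regexes and the sample log lines are constructed for illustration and assume Apache's combined log format.

```python
import re

# Apache combined log format: ip ident user [time] "METHOD path PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# A ".git" path segment, including the percent-encoded dot (%2e) form.
GIT_RE = re.compile(r'(?:^|/)(?:\.|%2e)git(?:/|$)', re.IGNORECASE)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /.git/HEAD HTTP/1.1" 200 23 "-" "curl/8.0"',
    '203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /.git/config HTTP/1.1" 200 266 "-" "curl/8.0"',
    '198.51.100.4 - - [10/Oct/2023:14:02:11 +0000] "GET /.git/ HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Oct/2023:14:02:12 +0000] "GET /app/%2Egit/HEAD HTTP/1.1" 200 23 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [10/Oct/2023:14:05:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [10/Oct/2023:14:05:01 +0000] "GET /assets/widget.github.css HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
]

def audit_git_requests(lines):
    """Split requests for .git paths into 'served' and 'blocked' by status."""
    result = {"served": [], "blocked": []}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = m.group("path").split("?", 1)[0]
        if not GIT_RE.search(path):
            continue
        status = int(m.group("status"))
        # Below 400 the server answered the request: the deny rule is not in effect.
        key = "served" if status < 400 else "blocked"
        result[key].append((m.group("ip"), path, status))
    return result

if __name__ == "__main__":
    report = audit_git_requests(SAMPLE_LOG)
    for ip, path, status in report["served"]:
        print(f"EXPOSED  {status} {path} (client {ip})")
    for ip, path, status in report["blocked"]:
        print(f"blocked  {status} {path} (client {ip})")
```

Any entry under "served" means a .git path was delivered to a client and the repository contents should be treated as disclosed; entries under "blocked" show the rule working.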