Git is an open-source distributed version control system that is available to all kinds of users for free. Git tools work in conjunction with Git repositories.

OK, now in human language… when you see a .git directory in a web app – it is good. It means the web app developer by mistake (or not?) deployed / left the .git folder of the project exposed. You should download it, because it will allow you to get access to the web app’s source code.

But you can’t just copy the .git folder and think that’s it… you need special toolz. Tools that will allow you to reconstruct the whole Git repository just from the one exposed .git folder. Get the damn tools here: https://github.com/internetwache/GitTools

Now we can use the gitdumper.sh and download the whole folder.

/opt/GitTools/Dumper/gitdumper.sh http://badsite.ofcourse/.git/ git

You can test your luck with finding any interesting info:

/opt/GitTools/Extractor/extractor.sh ./ extracted

You can roll back and check if there were any missing files from previous commits, just go where the .git folder was downloaded and type:

git status

If there are any deleted/missing files, you can go back to the latest version with:

git reset --hard

To check history of all commits:

git log

Some theoretical basis would be good to get, learn about git branches:

https://git-scm.com/book/en/v2/Git-Branching-Branches-in-a-Nutshell

In simple words, “branch” is a thingy that points to one of the saved versions of your project and ‘master’ branch is one of the default “branches” which points to the very last version of your project (last commit).

To switch to another branch/pointer, just type: git checkout [name_of_the_branch]

For instance, if there was a file test.php that is missing in the current commit, you can check if that file is present in previous commits and restore it. Here is the command to restore the file present in the last commit:

git checkout HEAD test.php
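
Seen from the server side, the download described above appears in the access log as a run of successful requests for files under /.git/. The script below is an added example, not part of the original post or of GitTools; it assumes common/combined log format, and the function names and sample log lines are constructed for illustration.

```bash
# Added example: summarize requests for /.git/ paths in a web access log.
# Assumes common/combined log format: $1=client, $7=path, $9=status.
git_exposure_hits() {
  awk '
    {
      path = tolower($7)
      gsub(/%2e/, ".", path)               # undo URL-encoded dots (%2E)
      if (path !~ "/\\.git/" && path !~ "/\\.git$") next   # ignores /.gitignore
      ip = $1; seen[ip] = 1
      if ($9 ~ /^2/) {                     # 2xx: the file was served
        served[ip]++
        if (path ~ "/\\.git/objects/") objects[ip]++
      } else {
        unserved[ip]++                     # 403, 404 and so on
      }
    }
    END {
      for (ip in seen) {
        verdict = "PROBED"                           # asked, nothing served
        if (served[ip] > 0)  verdict = "EXPOSED"     # metadata (HEAD, config) served
        if (objects[ip] > 0) verdict = "DUMPED"      # object files served too
        printf "%s %s served=%d objects=%d unserved=%d\n", ip, verdict, served[ip], objects[ip], unserved[ip]
      }
    }' | sort
}

# Constructed sample lines (documentation IP ranges, made-up object name).
sample_log() {
  cat <<'EOF'
203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /.git/HEAD HTTP/1.1" 200 23
203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /.git/config HTTP/1.1" 200 92
203.0.113.7 - - [12/Mar/2024:10:01:03 +0000] "GET /.git/objects/ab/0123456789abcdef0123456789abcdef012345 HTTP/1.1" 200 154
198.51.100.4 - - [12/Mar/2024:10:02:10 +0000] "GET /.git/HEAD HTTP/1.1" 404 153
198.51.100.4 - - [12/Mar/2024:10:02:11 +0000] "GET /%2Egit/config HTTP/1.1" 403 153
192.0.2.9 - - [12/Mar/2024:10:03:00 +0000] "GET /.gitignore HTTP/1.1" 200 40
192.0.2.9 - - [12/Mar/2024:10:03:01 +0000] "GET /index.php HTTP/1.1" 200 5120
EOF
}

sample_log | git_exposure_hits
```

On a real server, feed it the log with `git_exposure_hits < access.log`; any EXPOSED or DUMPED line means repository files were handed out, so the .git directory should be removed from the web root or blocked.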
