How to install dvcs-ripper on Ubuntu?

Use the apt-get commands from the README: 'sudo apt-get install perl libio-socket-ssl-perl' for basic requirements, and optionally install packages like libparallel-forkmanager-perl for faster git ripping.

Can dvcs-ripper rip private repositories?

No, it's designed for web-accessible repositories exposed on servers, typically in security testing scenarios. It doesn't handle authentication for private repos.

dvcs-ripper vs git-dumper: which is better?

dvcs-ripper supports multiple VCS systems and has advanced features like Redis-backed parallelism, while git-dumper is Git-specific and may be simpler for Git-only tasks. Choose based on your VCS needs.

How to use dvcs-ripper with Docker?

Run the official Docker image with a command like 'docker run --rm -it -v /host/work:/work:rw k0st/alpine-dvcs-ripper rip-git.pl -v -u http://example.com/.git', mounting a host directory for output as shown in the README.

Does dvcs-ripper ignore SSL certificate errors?

Yes, use the -s flag in scripts (e.g., rip-git.pl -s) to bypass SSL verification, useful for testing environments with self-signed certificates.

How to resume a failed rip with dvcs-ripper?

Set up a Redis container and use the -n flag with -e to specify Redis host, allowing session resumption. The README provides examples under 'Using redis for resuming work'.

DVCS Ripper

GPL-2.0Perl

A Perl toolkit for ripping web-accessible version control repositories (Git, SVN, Mercurial, Bazaar, CVS) even when directory browsing is disabled.

GitHub

1.8k stars317 forks0 contributors

What is DVCS Ripper?

dvcs-ripper is a security-oriented Perl toolkit that extracts source code from web-accessible version control repositories like Git, SVN, Mercurial, Bazaar, and CVS. It is designed to recover repository contents even when directory browsing is disabled on the server, making it useful for identifying exposed source code during security assessments. The tool automates the ripping process and supports features like parallel processing and SSL bypass.

Target Audience

Security researchers, penetration testers, and red teamers who need to identify and extract exposed version control repositories during web application assessments. It is also suitable for developers auditing their own servers for accidental repository exposures.

Value Proposition

Developers choose dvcs-ripper for its comprehensive multi-VCS support, ability to bypass disabled directory browsing, and practical features like Docker deployment and Redis-backed parallel processing. Its focus on reliability and ease of use in security testing scenarios makes it a preferred tool over manual extraction methods.

Overview

Rip web accessible (distributed) version control systems: SVN/GIT/HG...

Use Cases

Best For

Penetration testing engagements where exposed .git directories are discovered

Related Projects

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub

Security assessments of web applications to identify accidental source code leaks

Recovering source code from misconfigured version control repositories on web servers

Red team operations requiring extraction of repository contents for intelligence gathering

Automating the ripping of multiple repositories across distributed systems

Educational purposes in security training for version control exposure risks

Not Ideal For

Teams needing graphical user interfaces or integrated security platforms
Projects targeting only a single VCS like Git where simpler, specialized tools exist
Environments with strict policies against Perl or requiring zero host dependencies

Pros & Cons

Pros

Multi-VCS Support

Supports Git, SVN, Mercurial, Bazaar, and CVS with dedicated scripts (e.g., rip-git.pl, rip-svn.pl), making it versatile for various repository types.

Bypasses Directory Restrictions

Can extract repositories even when web server directory browsing is disabled, a core feature highlighted in the description and README.

Automated Recovery Operations

Automatically runs checkout/revert commands like 'git checkout -f' or 'svn revert -R .' after ripping, reducing manual steps.

Docker and Redis Integration

Offers official Docker images for easy deployment and uses Redis for parallel processing and resumable operations, as detailed in advance usage examples.

Cons

Perl Dependency Complexity

Requires specific Perl modules (e.g., LWP, DBD::SQlite for newer SVN) that may not be pre-installed, adding setup overhead on non-Debian systems.

Complex Redis Setup

Enabling parallel processing involves multi-step Docker and Redis configuration, such as creating and linking containers, which can be cumbersome for casual users.

Incomplete Error Handling

The README admits limitations like struggling to recognize 404 pages that return 200 in SVN/CVS, which can affect reliability in edge cases.

Frequently Asked Questions

Home

CTF

Gitleaks

Find secrets with Gitleaks 🔑

Stars26,224

Forks1,997

Last commit29 days ago

LinkFinder

A python script that finds endpoints in JavaScript files

Stars4,332

Forks654

Last commit2 years ago

Dnscat2

dnscat2 is a tool designed to create an encrypted command-and-control (C&C) channel over the DNS protocol. It enables secure communication and data tunneling out of restricted networks by leveraging DNS queries and responses, making it effective for penetration testing and secure remote access. ## Key Features - **Encrypted Communication** — All traffic is encrypted by default using ECDH key exchange, Salsa20 encryption, and SHA3 signatures. - **DNS Protocol Tunneling** — Uses DNS queries/responses to bypass firewalls and network restrictions, appearing as normal DNS traffic. - **Flexible Deployment** — Supports both authoritative DNS server traversal (stealthy) and direct UDP connections (faster). - **Session Management** — Provides an interactive console with multiple windows for managing clients, shells, and tunnels. - **Data Tunneling** — Can tunnel any data, including file transfers, shell sessions, and TCP connections (via port forwarding). - **Cross-Platform Client** — The client is written in C with minimal dependencies, running on Linux, Windows, FreeBSD, and macOS. ## Philosophy dnscat2 is purpose-built for command and control, prioritizing encryption and flexibility over generic internet tunneling. It treats DNS as a transport layer, enabling robust, protocol-agnostic data exchange.

Stars3,873

Forks646

Last commit2 years ago