Open .git scan – the results

I published an artice about my latest security scan aimed to the exposed git repositories.

The results:

  • 230 000 000 domains checked (the list was build mainly from the Rapid 7 OpenData),
  • 390 000 affected sites found,
  • 100 000 alerts send.

The most of affected sites use PHP:

git-sites.png

But after normalization the numbers according to the market share, the worst situation is among the Python:

git-sites-normalized.png

I also tried to detect the CMS/E-commerce system, HTTP server, Operating Systems and Frameworks:

git-cms.png

git-ecommerce.png

git-http-servers.png

git-operating-systems.png

git-frameworks.png

You can find more detailed information about the scan on our company blog.

One thought on “Open .git scan – the results

  1. Pingback: Python & Ruby webserver config – the great misunderstanding – Vladimir Smitka

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s