I published an article about my latest security scan, which looked for exposed git repositories.
- 230 000 000 domains checked (the list was built mainly from the Rapid 7 OpenData),
- 390 000 affected sites found,
- 100 000 alerts sent.
Most of the affected sites use PHP:
But after normalizing the numbers by market share, the worst situation is among the Python sites:
I also tried to detect the CMS/e-commerce system, HTTP server, operating system and framework:
You can find more detailed information about the scan on our company blog.
3 thoughts on “Open .git scan – the results”
Just found your mail notif about it when tidying up my old email. The affected site has not been maintained by me for years. But the problem still persists. I just want to say thank you ^_^