DotGit

Name: DotGit
Rating: 4.833333333333333 (12 reviews)
Author: davtur19

An extension for checking if .git is exposed in visited websites

Download

Install Compare

DotGit is a powerful Chrome extension designed to enhance your web security awareness by detecting exposed sensitive files on websites. It automatically checks for the presence of .git, .svn, .hg folders, .env and .DS_Store files, and identifies if a website is open source via GitHub or GitLab. Additionally, DotGit alerts users when it finds security.txt files, enabling quick insight into a site's security policies.

Users receive instant notifications upon detecting exposed folders and can easily review a compiled list of vulnerable sites. The extension also allows you to download entire .git folders in zip format—even when files are not publicly listed—and offers one-click viewing of .git/config files. Customizable options for colors, notifications, and downloads provide a tailored experience. Some checks are disabled by default but can be enabled in settings. DotGit's open-source code is available for review and contribution on GitHub.

Extension Privacy & Security Developer Tools Productivity

By:

Users:

Rating:

Version:

5.1 Last updated: 2025-05-20

Creation date:

2020-06-16

Risk:

Permissions:

webRequest
storage
notifications
downloads
tabs
scripting

Host permissions:

http://*/*
https://*/*
ws://*/*
wss://*/*

Size:

152.00KB

Email:

do*****@turi.space

Full description:

Source:

Chrome Web Store

Data ingested on:

2025-07-11

Ranking

# 8,765 ▲ 68

Other rankings

#2792 in Developer Tools ▲ 1

#12 in exist keyword 21

#91 in visited sites keyword 17 ▼ 3

#126 in folder keyword 15 ▼ 6

#198 in source code keyword 26 ▼ 28

Upgrade to see more rankings

Other platforms

DotGit (v5.1)

2,146 5.00

(9)

Publisher Change History

2025-01-15: Email was changed from da*****@gmail.com to do*****@turi.space

Upgrade to see full email

User reviews

DotGit is a highly effective Chrome extension praised for revealing vulnerable websites and exposed .git directories, offering valuable security insights. Users find it powerful and easy to use. However, some experience issues with the extension's popup display on the latest Chrome versions and face firewall blocks from services like Cloudflare. Additionally, the lack of bulk testing features or a CLI option limits its usage flexibility.

Pros

Effectively discovers exposed .git directories and vulnerable websites.
Easy to use and does what it promises.
Provides valuable security insights into websites while browsing.
Users find it amazing and highly useful for security assessments.

Cons

Issues with compatibility on the latest Chrome version - popup appears compressed and unreadable.
Blocked by some firewalls like Cloudflare, limiting usability.
Lack of a command-line interface or bulk URL testing capability.

Recent reviews

cloudflare firewall blocks your IP use with caution

Pr*****, 2024-09-17

Does what it says. \m/

Ge*****, 2024-08-05

Love it, but it does not seem to work with the latest chrome version (Popup seems compressed and unreadable)

M *****, 2023-08-28

View all user reviews ›

Extension safety

Risk impact

Risk impact measures the level of extra permissions an extension has access to. A low risk impact extension cannot do much harms, whereas a high risk impact extension can do a lot of damage like stealing your password, bypassing your security settings, and accessing your personal data. High risk impact extensions are not necessarily malicious. However, if they do turn malicious, they can be very harmful.

DotGit requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.

Risk impact analysis details

Critical Grants access to browser tabs, which can be used to track user browsing habits and history, presenting a privacy concern.
Critical ****** ****** ** *** ********* ****** * *********** ******** **** ** ** *** ******* *** ****** **** **** *** ******* *****
High ****** *** ********* ** ******* *** ******* ******* ** ****** *** *** ******** ******
High ******* ******* **** *** ****** ***** *** ***** ** ******* **** ********* ********* ** * *********** *****
Medium ******* ******* ************* ***** *** ** ******* *** **** ******* ****** ******** *******
Medium ****** ********** ** ******** ********** *** ********* ******* ******** ****** ******** ****** ********

Risk likelihood

Risk likelihood measures the probability that a Chrome extension may turn malicious. This is determined by the publisher and the Chrome extension reputation on Chrome Web Store, the amount of time the Chrome extension has been around, and other signals about the Chrome extension. Our algorithms are not perfect, and are subject to change as we discover new ways to detect malicious extensions. We recommend that you always exercise caution when installing a Chrome extension.

DotGit is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this extension.

Risk likelihood analysis details

High This extension has low user count. Unpopular extensions may not be stable or safe.
Medium **** ********* *** ******* ** *** **** * ******* *** ******* *** *** ** ****** ** *****
Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
Good **** ********* *** **** **** *******

Upgrade to see full risk analysis details

Instantly check and monitor your browser extensions' risks and permissions with Extension Guard.