If developers clone directly into the webroot during push of an application or website, meta-data left behind by Git repo management can be abused to download all of the application’s source code files. These types of issues can be identified by browsing to particular pages. If these pages return any information at all, its likely that your application can and has been downloaded in the past.
Read More