This document discusses techniques for finding and stealing source code from unprotected Git repositories, including cloning exposed repositories, exploiting path and file disclosures, recovering deleted files and credentials from commit logs, and using tools to conduct aggressive cloning attacks. It warns developers to secure access to Git configurations and repositories and not check in sensitive data, and cautions attackers to carefully inspect exposed repositories for hostnames, paths, files and credentials that could be abused.