> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-6/git/history-analysis/trick-0576.md).

# Discover Hidden Git Branch

***

When dealing with a Git repository, always list all branches, including remote ones, to identify any hidden or non-default branches that might contain sensitive information or different versions of files.

```bash
git branch -a
```

This command lists all local (`branch -a`) and remote (`branch -r`) branches.

If a hidden branch is found (e.g., named `side_branch`), switch to it to explore its contents.

```bash
git checkout side_branch
```

Once on the hidden branch, you can inspect the commit history and specific commits for interesting changes or added files. To view the commit history, use `git log`.

```bash
git log
```

To find the commit where sensitive data might have been added, you can use `git log` with flags to filter its output and show a more comprehensive history. For example, adding the `--all` flag shows all commits in all branches and tags, `--full-history` shows the full history, and `--oneline` compresses each commit to a single line for easier scanning.

```bash
git log --all --full-history --decorate --oneline
```

Another way to view the full history, including raw diffs, is:

```bash
git log --raw --abbrev=40 --full-history
```

You can also inspect specific commits using their hash:

```bash
git show <commit_hash>
```

Beyond the commit history, attackers may also examine the contents of the `.git` directory itself. Files like `.git/config`, `.git/logs/HEAD`, `.git/FETCH_HEAD`, `.git/ORIG_HEAD`, and `.git/index` can sometimes contain sensitive information or provide clues. File system tools like `grep` can be used within the repository directory to search for patterns in these files or the checked-out files.
