https://github.com/simpuar/gitlab-cve-scanner

Python tool to detect GitLab version, check CVEs for it and generate report

bugbounty cve-search fingerprint gitlab penetration-testing-tools vulnerability-detection


# GitLab CVE Scanner

![Python](https://img.shields.io/badge/python-3.8%2B-blue)
![License](https://img.shields.io/badge/license-Apache--2.0-green)
![Status](https://img.shields.io/badge/status-active-brightgreen)

GitLab CVE Scanner is a fast, scriptable scanner to detect GitLab installations, identify their versions, and check for known vulnerabilities via CVEs.
Ideal for bug bounty, Red Team ops, and infrastructure audits.

![gitlab_cve_scanner](https://github.com/user-attachments/assets/55a22975-511e-41a5-a986-ee0b4b62a511)

---

## 🔍 Features

- 🔎 Scans single or multiple GitLab instances
- 📦 Detects installed GitLab version via HTTP headers
- ⚠️ Matches version against public CVEs
- 📊 Outputs clean CSV reports for easy triage
- 🎯 Supports targeting specific CVEs
- 💥 Useful for bug bounty, internal audits, Red Team recon

---

## 🚀 Usage

```bash
python3 scanner.py -u https://gitlab.example.com
python3 scanner.py -l targets.txt
```

Flags:
- `-u` — Single URL
- `-l` — List of targets (one per line)
- `-cve` — Filter output by specific CVE
- `-o` — Save results to CSV

---

## 📝 Report Examples

### Check for single CVE

![Scan for single CVE](./img/scan_for_single_cve.png)

### Check for all CVEs

![Scan for all CVEs](./img/scan_for_cves.png)

### Report for Single CVE

![Report for single CVE](./img/report_for_single_cve.png)

### Report for Multiple CVEs

![Report for multiple CVEs](./img/report_for_multiple_cves.png)

## Credits

This project was inspired by [gitlab-version-nse](https://github.com/righel/gitlab-version-nse/tree/main?tab=Apache-2.0-1-ov-file).

Built with ❤️ for cybersecurity professionals.