From 8a45f2704f5f0b7642e60df9a121b2e9f83e7bae Mon Sep 17 00:00:00 2001
From: PikPikcU <60111811+pikpikcu@users.noreply.github.com>
Date: Mon, 5 Apr 2021 08:03:33 +0000
Subject: [PATCH 1/2] Create gitlab-infoleak.yaml

---
 exposures/configs/gitlab-infoleak.yaml | 38 ++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 exposures/configs/gitlab-infoleak.yaml

diff --git a/exposures/configs/gitlab-infoleak.yaml b/exposures/configs/gitlab-infoleak.yaml
new file mode 100644
index 00000000000..00811780ff5
--- /dev/null
+++ b/exposures/configs/gitlab-infoleak.yaml
@@ -0,0 +1,38 @@
+id: gitlab-infoleak
+
+info:
+  name: Gitlab InfoLeaks
+  author: pikpikcu
+  severity: low
+  reference: https://gitlab.com/gitlab-org/gitlab/-/issues/244275
+  tags: gitlab,disclosure
+
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/api/graphql"
+    headers:
+      Content-Type: application/json
+    body: |
+      {
+        "query": "{\nusers {\nedges {\n node {\n username\n email\n avatarUrl\n status {\n emoji\n message\n messageHtml\n }\n }\n }\n }\n }",
+        "variables": null,
+        "operationName": null
+      }
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "application/json"
+        part: header
+
+      - type: word
+        words:
+          - "avatarUrl"
+        condition: and
+
+      - type: status
+        status:
+          - 200

From a0d6838672ee71714a261dfc4f83867a06cce458 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Mon, 5 Apr 2021 23:45:14 +0530
Subject: [PATCH 2/2] Minor updates and Gitlab workflow

---
 exposures/configs/gitlab-infoleak.yaml | 38 -------------------
 .../gitlab/gitlab-user-enumeration.yaml | 38 +++++++++++++++++++
 workflows/gitlab-workflow.yaml | 16 ++++++++
 3 files changed, 54 insertions(+), 38 deletions(-)
 delete mode 100644 exposures/configs/gitlab-infoleak.yaml
 create mode 100644 misconfiguration/gitlab/gitlab-user-enumeration.yaml
 create mode 100644 workflows/gitlab-workflow.yaml
diff --git a/exposures/configs/gitlab-infoleak.yaml b/exposures/configs/gitlab-infoleak.yaml
deleted file mode 100644
index 00811780ff5..00000000000
--- a/exposures/configs/gitlab-infoleak.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-id: gitlab-infoleak
-
-info:
-  name: Gitlab InfoLeaks
-  author: pikpikcu
-  severity: low
-  reference: https://gitlab.com/gitlab-org/gitlab/-/issues/244275
-  tags: gitlab,disclosure
-
-
-requests:
-  - method: POST
-    path:
-      - "{{BaseURL}}/api/graphql"
-    headers:
-      Content-Type: application/json
-    body: |
-      {
-        "query": "{\nusers {\nedges {\n node {\n username\n email\n avatarUrl\n status {\n emoji\n message\n messageHtml\n }\n }\n }\n }\n }",
-        "variables": null,
-        "operationName": null
-      }
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "application/json"
-        part: header
-
-      - type: word
-        words:
-          - "avatarUrl"
-        condition: and
-
-      - type: status
-        status:
-          - 200
diff --git a/misconfiguration/gitlab/gitlab-user-enumeration.yaml b/misconfiguration/gitlab/gitlab-user-enumeration.yaml
new file mode 100644
index 00000000000..50a937dc36d
--- /dev/null
+++ b/misconfiguration/gitlab/gitlab-user-enumeration.yaml
@@ -0,0 +1,38 @@
+id: gitlab-user-enumeration
+
+info:
+  name: Gitlab User enumeration
+  author: pikpikcu
+  severity: info
+  tags: gitlab,enum
+
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/api/graphql"
+    headers:
+      Content-Type: application/json
+    body: |
+      {
+        "query":"{\nusers {\nedges {\n node {\n username\n email\n avatarUrl\n }\n }\n }\n }"
+      }
+
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "application/json"
+        part: header
+
+      - type: word
+        words:
+          - avatarUrl
+          - username
+          - email
+        condition: and
+
+      - type: status
+        status:
+          - 200
diff --git a/workflows/gitlab-workflow.yaml b/workflows/gitlab-workflow.yaml
new file mode 100644
index 00000000000..101bfec0265
--- /dev/null
+++ b/workflows/gitlab-workflow.yaml
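Review bot: The second `words` matcher in gitlab-user-enumeration.yaml treats the bare tokens `avatarUrl`, `username` and `email` as proof of a leaked user list, but those are also the field names sent in the request body, so any 200 JSON reply that echoes them back — GraphQL servers commonly return validation or permission errors as 200 with an `errors` array — would be reported as a hit. Adding a negative matcher, `- type: word` / `words: ['"errors"']` / `negative: true`, or matching the key form `"username":` rather than the bare word, ties the result to an actual `data.users.edges` node. The move also dropped the `reference: https://gitlab.com/gitlab-org/gitlab/-/issues/244275` line the original template carried; restoring it under `info:` with a one-line `description:` stating that an unauthenticated `users` GraphQL query returning nodes means user enumeration is possible records why the finding is reported. If GitLab returns `"email":null` for users other than the caller, the `email` word still matches the key, so the template evidences enumeration rather than e-mail disclosure — consistent with the `info` severity, but worth saying in the description.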
@@ -0,0 +1,16 @@
+id: gitlab-workflow
+
+info:
+  name: GitLab Security Checks
+  author: pdteam
+  description: A simple workflow that runs all GitLab related nuclei templates on a given target.
+  tags: workflow
+
+workflows:
+
+  - template: exposed-panels/gitlab-detect.yaml
+    subtemplates:
+      - template: misconfiguration/gitlab/gitlab-public-repos.yaml
+      - template: misconfiguration/gitlab/gitlab-public-signup.yaml
+      - template: misconfiguration/gitlab/gitlab-public-snippets.yaml
+      - template: misconfiguration/gitlab/gitlab-user-enumeration.yaml
\ No newline at end of file
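Review bot: gitlab-workflow.yaml ends without a trailing newline (the `\ No newline at end of file` marker after the last `- template:` entry); adding one keeps the next template appended to `subtemplates:` from producing a noisy two-line diff. Of the five template paths the workflow references, only `misconfiguration/gitlab/gitlab-user-enumeration.yaml` is created in this series, so whether `exposed-panels/gitlab-detect.yaml` and the three `gitlab-public-*.yaml` paths resolve cannot be confirmed from the diff; a mistyped path may be skipped rather than fail loudly, so a template-validation run before merge is worthwhile. The `description:` could also say that the four subtemplates only run when `gitlab-detect.yaml` matches, which is the gating behaviour the `subtemplates:` nesting implies.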