Index

pipeleak gl

GitLab related commands

Synopsis

Commands to enumerate and exploit GitLab instances.

GitLab Proxy Support

Note: Proxying is currently supported only for GitLab commands.

Since Go binaries aren't compatible with Proxychains, you can set a proxy using the HTTP_PROXY environment variable.

For HTTP proxy (e.g., Burp Suite): HTTP_PROXY=http://127.0.0.1:8080 pipeleak gl scan --token glpat-xxxxxxxxxxx --gitlab https://gitlab.com

For SOCKS5 proxy: HTTP_PROXY=socks5://127.0.0.1:8080 pipeleak gl scan --token glpat-xxxxxxxxxxx --gitlab https://gitlab.com

Options

  -g, --gitlab string   GitLab instance URL
  -h, --help            help for gl
  -t, --token string    GitLab API Token
  -v, --verbose         Verbose logging

Options inherited from parent commands

      --coloredLog       Output the human-readable log in color (default true)
      --json             Use JSON as log output format
  -l, --logfile string   Log output to a file

SEE ALSO

• pipeleak - Scan job logs and artifacts for secrets
• pipeleak gl cicd - CI/CD related commands
• pipeleak gl enum - Enumerate access rights of a GitLab access token
• pipeleak gl renovate - Renovate related commands
• pipeleak gl runners - runner related commands
• pipeleak gl scan - Scan a GitLab instance
• pipeleak gl schedule - Enumerate scheduled pipelines and dump their variables
• pipeleak gl secureFiles - Print CI/CD secure files
• pipeleak gl variables - Print configured CI/CD variables
• pipeleak gl vuln - Check if the installed GitLab version is vulnerable