Gitlab Weak Login Scanner
Web-based configuration, API or administrative interfaces has weak credentials for login process.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
2 days
Scan only one
Domain, IPv4
Toolbox
-
Often these applications, once installed, are not properly configured and the default credentials provided for initial authentication and configuration are never changed. These default credentials are well known by penetration testers and, unfortunately, also by malicious attackers, who can use them to gain access to various types of applications.