diff --git a/http/misconfiguration/installer/elgg-install.yaml b/http/misconfiguration/installer/elgg-install.yaml
new file mode 100644
index 00000000000..a91fd36b7bf
--- /dev/null
+++ b/http/misconfiguration/installer/elgg-install.yaml
@@ -0,0 +1,26 @@
+id: elgg-installer
+
+info:
+  name: Elgg - Installation
+  author: s4e-io
+  severity: high
+  description: Elgg Installation was discovered.
+  reference:
+    - https://github.com/elgg/elgg
+  metadata:
+    max-request: 1
+    verified: true
+    fofa-query: title="Welcome to Elgg"
+  tags: install,elgg,exposure,misconfig
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/install.php"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains_any(body,"Elgg Install : Welcome", "Installing Elgg", "Welcome to Elgg")'
+          - 'status_code == 200'
+        condition: and