Awesome CI/CD Attacks — Project Awesome

Techniques

Publicly Exposed Sensitive Data

A tool that can reveal deleted GitLab commits that potentially contain sensitive information and are not accessible via the public Git history.

Hidden GitHub Commits and How to Reveal Them

A tool that can reveal deleted GitHub commits that potentially contain sensitive information and are not accessible via the public Git history.

Initial Code Execution

ActionsTOCTOU (Time Of Check to Time Of Use) 36 updated 1mo ago

A tool to monitor for an approval event and then quickly replace a file in the PR head with a local file specified as a parameter.

Post Exploitation

Living off the pipeline

Inventory how development tools (typically CLIs), have lesser-known RCE-By-Design features.

Defense Evasion

Zuckerpunch - Abusing Self Hosted GitHub Runners at Facebook 11 updated 8y ago

Hide commits in a GitHub PR.

One Supply Chain Attack to Rule Them All – Poisoning GitHub's Runner Images

A critical vulnerability in GitHub Actions, involving a misconfigured self-hosted runner in the actions/runner-images repository, allowed potential compromise of all GitHub and Azure hosted runner images.

Zuckerpunch - Abusing Self Hosted GitHub Runners at Facebook

Hide commits in a GitHub PR.

Tools

ADOKit 313 updated 1y ago

Azure DevOps Services Attack Toolkit.

Gato 738 updated 20d ago

GitHub Attack Toolkit.

Gato-X

GitHub Attack Toolkit - Extreme Edition.

git-dumper 2.5k updated 25d ago

Dump Git repository from a website.

GitFive 973 updated 5mo ago

OSINT tool to investigate GitHub profiles.

Jenkins Attack Framework 576 updated 8mo ago

This tool can manage Jenkins tasks, like listing jobs, dumping credentials, running commands/scripts, and managing API tokens.

Nord Stream 347 updated 15d ago

A tool to extract secrets stored inside CI/CD environments.

pwn_jenkins 2.1k updated 1y ago

Notes about attacking Jenkins servers.

Secrets Patterns Database 1.4k updated 7mo ago

The largest open-source database for detecting secrets, API keys, passwords, tokens, and more.

zizmor 3.8k updated 2d ago

Static analysis for GitHub Actions.

Case Studies

GitHub Actions Attack Diagram 192 updated 11mo ago

Includes public vulnerability research presented at Black Hat USA 2024 and DEF CON 32.

Similar Projects

Common Threat Matrix for CI/CD Pipeline 759 updated 1y ago

SDLC Infrastructure Threat Framework (SITF) 136 updated yesterday

A comprehensive framework for analyzing and defending against attacks targeting Software Development Life Cycle Infrastructure.

CI/CD Attacks

Contents