Project Awesome project awesome

CI/CD Attacks

Offensive research of systems and processes related to developing and deploying code.

Collection 582 stars GitHub

Contents

Techniques
Tools
Case Studies
Similar Projects

Techniques

Publicly Exposed Sensitive Data

Hidden GitHub Commits and How to Reveal Them

A tool that can reveal deleted GitHub commits that potentially contain sensitive information and are not accessible via the public Git history.

Initial Code Execution

ActionsTOCTOU (Time Of Check to Time Of Use) 36 updated 3mo ago

A tool to monitor for an approval event and then quickly replace a file in the PR head with a local file specified as a parameter.

Security alert: social engineering campaign targets technology industry employees

Phishing GitHub users to download and execute repositories.

Post Exploitation

Living off the pipeline 150 updated 22d ago

Inventory how development tools (typically CLIs), have lesser-known RCE-By-Design features.

Defense Evasion

PR sneaking 11 updated 9y ago

Methods of sneaking malicious code into GitHub pull requests.

One Supply Chain Attack to Rule Them All – Poisoning GitHub's Runner Images

A critical vulnerability in GitHub Actions, involving a misconfigured self-hosted runner in the actions/runner-images repository, allowed potential compromise of all GitHub and Azure hosted runner images.

Zuckerpunch - Abusing Self Hosted GitHub Runners at Facebook

Hide commits in a GitHub PR.

One Supply Chain Attack to Rule Them All – Poisoning GitHub's Runner Images

A critical vulnerability in GitHub Actions, involving a misconfigured self-hosted runner in the actions/runner-images repository, allowed potential compromise of all GitHub and Azure hosted runner images.

Unpinnable Actions: How Malicious Code Can Sneak into Your GitHub Actions Workflows

GitHub Actions, even when pinned to a commit SHA, can still pull in malicious code via mutable dependencies like Docker images, unlocked packages, or external scripts.

Zuckerpunch - Abusing Self Hosted GitHub Runners at Facebook

Hide commits in a GitHub PR.

One Supply Chain Attack to Rule Them All – Poisoning GitHub's Runner Images

A critical vulnerability in GitHub Actions, involving a misconfigured self-hosted runner in the actions/runner-images repository, allowed potential compromise of all GitHub and Azure hosted runner images.

Zuckerpunch - Abusing Self Hosted GitHub Runners at Facebook

Hide commits in a GitHub PR.

Tools

ADOKit 313 updated 1y ago

Azure DevOps Services Attack Toolkit.

Gato 6 (archived)

GitHub Attack Toolkit.

Gato-X 526 updated 9d ago

GitHub Attack Toolkit - Extreme Edition.

git-dumper 2.5k updated 2mo ago

Dump Git repository from a website.

GitFive 973 updated 7mo ago

OSINT tool to investigate GitHub profiles.

Jenkins Attack Framework 576 updated 9mo ago

This tool can manage Jenkins tasks, like listing jobs, dumping credentials, running commands/scripts, and managing API tokens.

Nord Stream 356 updated 15d ago

A tool to extract secrets stored inside CI/CD environments.

pwn_jenkins 2.1k updated 1y ago

Notes about attacking Jenkins servers.

Secrets Patterns Database 1.4k updated 9mo ago

The largest open-source database for detecting secrets, API keys, passwords, tokens, and more.

zizmor 4.4k updated 9d ago

Static analysis for GitHub Actions.

Case Studies

Similar Projects