GitHub Actions Attack Diagram Logo

GitHub Actions Attack Diagram

0
Free
Visit Website

The GitHub Actions Attack Diagram is a visual guide for identifying and exploiting vulnerabilities in GitHub Actions configurations. It outlines various attack paths, starting from read-only or write access to a GitHub organization or repository. The diagram covers multiple attack vectors, including: 1. Self-hosted runner takeover 2. PWN requests 3. Secrets exfiltration It provides links to additional resources for context and is based on real-world red team engagements and public vulnerability research. The diagram focuses on major attack paths and Tactics, Techniques, and Procedures (TTPs) that have been successfully used in live environments. While not exhaustive, the tool serves as a reference for security professionals to understand and mitigate potential risks in GitHub Actions workflows. It also includes references to related research presentations and blog posts detailing real-world exploits of CI/CD vulnerabilities.

FEATURES

ALTERNATIVES

Utilizes dirtyc0w kernel exploit for privilege escalation in a Docker container.

A cross-platform web fuzzer written in Nim

A modern post-exploitation command and control framework with a client-server architecture and extensibility features.

Offensive security tool for reconnaissance and information gathering with a wide range of features and future roadmap.

Automatic SSRF fuzzer and exploitation tool

A powerful tool for hiding the true location of your Teamserver, evading detection from Incident Response, redirecting users, blocking specific IP addresses, and managing Malleable C2 traffic in Red Team engagements.

GraphSpy is a token management tool that allows users to store and manage access and refresh tokens for multiple users and scopes in one location.

SharpShares efficiently enumerates and maps network shares and resolves names within a domain.