GitHub Actions Attack Diagram Logo

GitHub Actions Attack Diagram

0
Free
Visit Website

The GitHub Actions Attack Diagram is a visual guide for identifying and exploiting vulnerabilities in GitHub Actions configurations. It outlines various attack paths, starting from read-only or write access to a GitHub organization or repository. The diagram covers multiple attack vectors, including: 1. Self-hosted runner takeover 2. PWN requests 3. Secrets exfiltration It provides links to additional resources for context and is based on real-world red team engagements and public vulnerability research. The diagram focuses on major attack paths and Tactics, Techniques, and Procedures (TTPs) that have been successfully used in live environments. While not exhaustive, the tool serves as a reference for security professionals to understand and mitigate potential risks in GitHub Actions workflows. It also includes references to related research presentations and blog posts detailing real-world exploits of CI/CD vulnerabilities.

FEATURES

ALTERNATIVES

CrossC2 enables generation of cross-platform payloads for CobaltStrike, enhancing operational flexibility.

A tool for generating .NET serialized gadgets for triggering .NET assembly load/execution.

A tool for managing multiple reverse shell sessions/clients via terminal with a RESTful API.

A proof-of-concept tool that demonstrates automated MFA bypass techniques for Microsoft Outlook through browser automation and request interception.

Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.

Open source application for retrieving passwords stored on a local computer with support for various software and platforms.

A tool for recursively querying webservers

Repository of tools for testing iPhone messaging by Project Zero