Abusing GitHub for Fun and Profit - Actions and Codespaces Security

NDC Conferences via YouTube

Overview

Explore the security vulnerabilities in GitHub Actions and Codespaces in this comprehensive conference talk. Delve into how attackers can exploit these popular GitHub features for malicious purposes, including crypto mining, malware delivery, and targeting Azure networks. Learn about real-world exploitation scenarios and proof-of-concept examples derived from threat modeling analysis. Gain practical insights on detecting, avoiding, and preventing attacks to secure codebases and pipelines. Discover the infection chain of GitHub and Netlify abuse, automation techniques using Dev-Containers and GitHub CLI, and the potential misuse of Windows, Linux, and macOS runners. Understand how malicious actors can leverage the GitHub Actions marketplace and execute pivoting attacks. Acquire valuable countermeasures and recommendations to protect your software supply chain platform and enhance your overall GitHub security posture.

Syllabus

Intro
Infection Chain of GitHub/Netlify Abuse
Automate w/ Dev-Containers & GitHub CLI
Attacker's Dev-Container Config
Malware Abusing Codespaces
Actions Overview
GHA Marketplace
Abusing Windows Runners pt 2
List of repos with the SAME code!
Abusing Linux Runners
Abusing macOS Runners
Run nmap inside the Azure network
Reverse shell from the Runner
Pivot attacks using Runners
Malicious GitHub Actions
GHA Countermeasures
Codespaces Recommendations

Taught by

NDC Conferences
