Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Racing for Hidden Treasures in Public GitHub Repositories - Exploiting Build Artifacts

BSidesLV via YouTube

Start learning Write review

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Explore a novel attack vector in open-source projects using GitHub Actions in this 19-minute conference talk from BSidesLV. Discover how leaked access tokens hidden within build artifacts can be exploited to gain control over open-source projects. Learn about the challenges of racing against time to utilize ephemeral tokens before they expire, and see real-world examples of breached popular open-source projects and those maintained by high-profile organizations. Gain insights into unearthing sensitive data in build artifacts, crafting high-speed exploits, and executing swift attacks using these techniques.

Syllabus

Common Ground, Tue, Aug 6, 17:00 - Tue, Aug 6, CDT

Taught by

BSidesLV

Reviews

Start your review of Racing for Hidden Treasures in Public GitHub Repositories - Exploiting Build Artifacts

Start learning

Taught by

Build community-driven software projects on GitHub

Never Stop Learning.