Racing for Hidden Treasures in Public GitHub Repositories - Exploiting Build Artifacts
Offered By: BSidesLV via YouTube
Course Description
Overview
Explore a novel attack vector in open-source projects using GitHub Actions in this 19-minute conference talk from BSidesLV. Discover how leaked access tokens hidden within build artifacts can be exploited to gain control over open-source projects. Learn about the challenges of racing against time to utilize ephemeral tokens before they expire, and see real-world examples of breached popular open-source projects and those maintained by high-profile organizations. Gain insights into unearthing sensitive data in build artifacts, crafting high-speed exploits, and executing swift attacks using these techniques.
Syllabus
Common Ground, Tue, Aug 6, 17:00 - Tue, Aug 6, CDT
Taught by
BSidesLV
Related Courses
Introduction to Agile Software Development: Tools & TechniquesUniversity of California, Berkeley via edX Advanced Topics and Techniques in Agile Software Development
University of California, Berkeley via edX The Data Scientist’s Toolbox
Johns Hopkins University via Coursera How to Use Git and GitHub
Udacity Desarrollo de Videojuegos 3D en Unity: Una Introducción
Universidad de los Andes via Coursera