Presented at
BSidesLV 2023,
Aug. 8, 2023, 4 p.m.
(45 minutes).
How wide can a GitHub Actions worm spread? In this talk, I'll demonstrate how a worm can crawl through actions and projects, infecting them with malware. We will explore the ways in which actions are loosely and implicitly dependent on other actions, and create a graph-based dependency tree for GitHub actions. This map will set the path for our worm, that is searching its way to infecting as many action dependencies and target as many GitHub projects as possible. Join this talk to learn about the methods our worm uses to make its way towards other actions, to get familiar with the high profile open source projects we could hijack, and to see this worm in action over a demo.
Presenters:
-
Asaf Greenholts
Asi has 7 years of experience in the security field, including security architecture, SOC management, incident response, and application security research. Asi has gained his experience working for major organizations in the financial and government sectors. Today, Asi is a security researcher that focuses on revolutionizing CI/CD security at Palo Alto Networks. During his free time, Asi likes to read, invest in the stock market and to snowboard.
Links:
Similar Presentations: