Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Racing for Hidden Treasures in Public GitHub Repositories - Exploiting Build Artifacts

BSidesLV via YouTube

Start learning Write review
Boot.dev Ad

Stuck in Tutorial Hell? Learn Backend Dev the Right Way

Learn More → DataCamp Ad

Power BI Fundamentals - Create visualizations and dashboards from scratch

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore a novel attack vector in open-source projects using GitHub Actions in this 19-minute conference talk from BSidesLV. Discover how leaked access tokens hidden within build artifacts can be exploited to gain control over open-source projects. Learn about the challenges of racing against time to utilize ephemeral tokens before they expire, and see real-world examples of breached popular open-source projects and those maintained by high-profile organizations. Gain insights into unearthing sensitive data in build artifacts, crafting high-speed exploits, and executing swift attacks using these techniques.

Syllabus

Common Ground, Tue, Aug 6, 17:00 - Tue, Aug 6, CDT

Taught by

BSidesLV

Reviews

Start your review of Racing for Hidden Treasures in Public GitHub Repositories - Exploiting Build Artifacts

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.