github-actions-goat icon indicating copy to clipboard operation
github-actions-goat copied to clipboard

Published 20 hours ago verified publisher icon step-security

Improve dns exfiltration tutorial

Open varunsh-coder opened this issue 3 years ago • 1 comments
trafficstars

  • [ ] simulate exfiltration of token instead of repo (idea)
  • [ ] add block mode in harden-runner
  • [ ] add missing domain - storage.googleapis.com

varunsh-coder avatar Feb 10 '22 17:02 varunsh-coder

@varunsh-coder I retried running the workflow https://app.stepsecurity.io/github/arjundashrath/supply-chain-goat/actions/runs/1846742924 and there is not any call to storage.googleapis.com

arjundashrath avatar Feb 15 '22 11:02 arjundashrath