github-actions-goat icon indicating copy to clipboard operation
github-actions-goat copied to clipboard

Published 20 hours ago verified publisher icon step-security

Add section to simulate past attacks

Open varunsh-coder opened this issue 3 years ago • 0 comments
trafficstars

Organize the project into two parts

  1. Simulation of past attacks
  • [ ] SolarWinds (SUNPOST) - already exists
  • [ ] Codecov (tampering of artifact in storage account) - to be added
  • [ ] Dependency confusion - to be added
  • [ ] Malicious npm package to exfiltrate data on install step (simulation of malicious packages published after account take over/ typosquatting) - already exists
  • [ ] Pipeline injection in GitHub Actions (simulation of VS Code bug bounty issue) - to be added
  1. Solutions

varunsh-coder avatar Apr 30 '22 13:04 varunsh-coder