Back to directory
WRITEUP #2183

How we Abused Repository Webhooks to Access Internal CI Systems at Scale

OtherCI/CD
by@omer_gil(Omer Gil)
Program
-
Published
Sep 20, 2022
Added to HackDex
Sep 22, 2022
Read Full Writeuphttps://www.cidersecurity.io/blog/research/how-we-abused-repository-webhooks-to-access-internal-ci-systems-at-scale/
RELATED WRITEUPS
Github Actions Exploitation: Dependabot
OtherCI/CD
GitHub Actions Exploitation: Self Hosted Runners
OtherCI/CD
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff
OtherSSTI

Built with ❤️ by Shubham Rawat