Home
Adnan Khan edited this page Jul 21, 2024
Refer to the project's README for installation instructions, from source or from PyPI.
Gato-X is an offensive security tool designed to identify exploitable GitHub Actions misconfigurations or privilege escalation paths. It focuses on several key areas:
- Self-Hosted Runner enumeration using static analysis of workflow files and analysis of workflow run logs.
- Pwn Request and Actions Injection enumeration using static analysis.
- Post-compromise secrets enumeration and exfiltration.
- Public repository self-hosted runner attacks using Runner-on-Runner (RoR) technique.
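To make the first two static-analysis categories concrete, below is a toy scanner for a single workflow file. It is an added example written for this page, not Gato-X's own code, and it makes simplifying assumptions: a hand-rolled walker over the workflow text instead of a real YAML parser, a fixed list of GitHub-hosted runner labels and of privileged triggers, and a constructed sample workflow. It flags a non-hosted `runs-on` label, a checkout of the pull request head under a privileged trigger (the pwn request shape), and an attacker-controlled expression expanded inline in a `run:` script, while leaving the `env:`-based safe form of the same expression unflagged.

```python
# Added illustration for this page, not Gato-X code: a minimal static scanner for
# the misconfiguration classes above. Patterns and the sample are assumptions.
import re

HOSTED_RE = re.compile(r"^(ubuntu|windows|macos)-(latest|\d+(\.\d+)?)(-[a-z0-9]+)*$")
PRIVILEGED_TRIGGERS = {"pull_request_target", "issue_comment", "issues",
                       "workflow_run", "discussion_comment", "pull_request_review"}
# Expression roots an outside contributor controls; expanded inline in a
# ``run:`` script they are a shell injection (passing them via ``env:`` is safe).
UNTRUSTED_EXPR_RE = re.compile(
    r"\$\{\{\s*github\.(event\.(issue|pull_request|comment|review|discussion)"
    r"\.[\w.]+|head_ref)\s*\}\}")
PR_HEAD_RE = re.compile(r"github\.event\.pull_request\.head\.(sha|ref)")
RUN_RE = re.compile(r"^(\s*)(-\s+)?run:\s*(.*)$")

def _top_level_blocks(lines):
    """Yield (key, value_lines) for each unindented ``key:`` in the file."""
    key, block = None, []
    for line in lines:
        m = re.match(r"^([A-Za-z_][\w-]*):\s*(.*)$", line)
        if m:
            if key is not None:
                yield key, block
            key, block = m.group(1), [m.group(2)] if m.group(2) else []
        elif key is not None:
            block.append(line)
    if key is not None:
        yield key, block

def _triggers(on_block):
    """Event names from the inline-list, mapping or list form of ``on:``."""
    if on_block and on_block[0].strip() and not on_block[0][0].isspace():
        return set(re.findall(r"\w+", on_block[0]))
    items = [(len(l) - len(l.lstrip()), l.strip()) for l in on_block
             if l.strip() and not l.lstrip().startswith("#")]
    depth = min((indent for indent, _ in items), default=0)
    return {re.sub(r"^-\s*|:.*$", "", s) for indent, s in items if indent == depth}

def _run_lines(lines):
    """Yield (line_no, shell) for each line of a ``run:`` script, incl. ``run: |`` bodies."""
    i = 0
    while i < len(lines):
        m = RUN_RE.match(lines[i])
        i += 1
        if not m:
            continue
        key_indent = len(m.group(1)) + len(m.group(2) or "")
        value = m.group(3).strip()
        if value and value[0] not in "|>":
            yield i, value                                   # single-line script
            continue
        while i < len(lines) and (not lines[i].strip()
                                  or len(lines[i]) - len(lines[i].lstrip()) > key_indent):
            if lines[i].strip():
                yield i + 1, lines[i].strip()
            i += 1

def scan_workflow(text):
    """Return (finding, line_no, detail) tuples for one workflow file."""
    lines = text.splitlines()
    blocks = dict(_top_level_blocks(lines))
    privileged = _triggers(blocks.get("on", [])) & PRIVILEGED_TRIGGERS
    findings = []
    for no, line in enumerate(lines, 1):
        m = re.match(r"^\s*runs-on:\s*(.+)$", line)
        if m and "${{" not in m.group(1):                   # skip matrix-driven labels
            labels = re.findall(r"[\w.-]+", m.group(1))
            if not any(HOSTED_RE.match(label) for label in labels):
                findings.append(("self_hosted_runner", no, labels))
        if privileged and re.match(r"^\s*ref:", line) and PR_HEAD_RE.search(line):
            # Privileged trigger plus checkout of the PR head is the pwn-request
            # shape; whether a later step executes the checked-out code (here
            # ``npm install``) still has to be confirmed by reading the job.
            findings.append(("pwn_request", no, sorted(privileged)))
    for no, cmd in _run_lines(lines):
        for m in UNTRUSTED_EXPR_RE.finditer(cmd):
            findings.append(("actions_injection", no, m.group(0)))
    return findings

SAMPLE_WORKFLOW = """\
on:
  pull_request_target:
  issue_comment:
jobs:
  build:
    runs-on: [self-hosted, linux]
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - run: npm install && npm test
      - name: Greet
        run: |
          echo "Title: ${{ github.event.issue.title }}"
      - name: Safe greet
        env:
          TITLE: ${{ github.event.issue.title }}
        run: echo "Title: $TITLE"
"""

if __name__ == "__main__":
    for finding in scan_workflow(SAMPLE_WORKFLOW):
        print(*finding)
```

The sample (constructed for this example) produces one finding per category: the `runs-on` line with non-hosted labels, the `ref:` line that checks out the PR head while `pull_request_target` and `issue_comment` are among the triggers, and the `echo` line that expands `github.event.issue.title` directly into the shell. The `env:`-based step is not reported because the expression is expanded into an environment variable rather than into the script text. A label-only check like this is exactly why the list above also mentions workflow run logs: a non-hosted label is only a candidate until a run log shows which machine actually picked the job up.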
The target audience for Gato-X is Red Teamers, Bug Bounty Hunters, and Security Engineers looking to identify exploitable misconfigurations.
Gato-X is NOT a holistic tool for evaluating the GitHub Actions security posture of a repository. It does not check for best practices such as action version pinning, branch protection, secure defaults, and other controls that are important but not directly exploitable. Gato-X focuses on identifying exploitable issues in a GitHub repository.