Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/ovotech/gitoops

all paths lead to clouds

bloodhound cicd company-kaluza hacktheplanet redteam security


        



GitOops!

😱






GitOops is a tool to help attackers and defenders identify lateral movement and privilege escalation paths in GitHub organizations by abusing CI/CD pipelines and GitHub access controls.

It works by mapping relationships between a GitHub organization and its CI/CD jobs and environment variables. It'll use any Bolt-compatible graph database as a backend, so you can query your attack paths with openCypher:

```
MATCH p=(:User{login:"alice"})-[*..5]->(v:EnvironmentVariable)
WHERE v.name =~ ".*SECRET.*"
RETURN p
```





GitOops takes inspiration from tools like [Bloodhound](https://github.com/BloodHoundAD/BloodHound) and [Cartography](https://github.com/lyft/cartography).

Check out the [docs](docs/README.md), some [more example queries](./docs/examples.md) and our [BSides London talk](https://www.youtube.com/watch?v=Gf0sqqHnHOU).