https://github.com/synacktiv/gh-hijack-runner

A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.
https://github.com/synacktiv/gh-hijack-runner

cicd exploitation github githubactions runner

Last synced: 1 day ago
JSON representation

A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.

• Host: GitHub
• URL: https://github.com/synacktiv/gh-hijack-runner
• Owner: synacktiv
• Created: 2024-04-29T08:26:33.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2024-10-13T17:23:13.000Z (over 1 year ago)
• Last Synced: 2025-10-09T02:08:14.636Z (4 months ago)
• Topics: cicd, exploitation, github, githubactions, runner
• Language: Python
• Homepage:
• Size: 30.3 KB
• Stars: 27
• Watchers: 3
• Forks: 4
• Open Issues: 0

Awesome Lists containing this project

• awesome-cicd-security - gh-hijack-runner - A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets. (Tools / ArgoCD)