Welcome to the GitHub Actions Exploit Documentation directory! This is where you'll find in-depth write-ups on security vulnerabilities specific to GitHub Actions workflows and the relevant queries to find the in Raven's ecosystem.
- Analyses of GitHub Actions vulnerabilities and examples of them.
- Cypher queries to identify vulnerable repositories on Neo4j.
- Mitigation suggestions and preventive best practices.
- Source references, such as research articles and GitHub issues.
- The information presented here is based on rigorous research and real-world examples.
- Always act responsibly and ethically when using this information.
We encourage you to contribute by submitting more GitHub Actions exploit documentation and queries, or by improving the existing write-ups. Contributions are always welcome!