GitHub Actions Cache Native Malware - for Educational and Research Purposes only.
☆103Jan 28, 2026Updated last month
Alternatives and similar repositories for Cacheract
Users that are interested in Cacheract are comparing it to the libraries listed below
Sorting:
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆482Updated this week
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆35Jan 25, 2026Updated last month
- MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, an…☆93Oct 14, 2025Updated 4 months ago
- RansomWhen is a tool to enumerate identities that can lock S3 Buckets using KMS, resulting in ransomwares, as well as detect occurances o…☆61Feb 5, 2025Updated last year
- A CLI tool (and library) written in Go to simplify the process of retrieving IP addresses from infrastructure hosted on Google Cloud Plat…☆11Nov 20, 2025Updated 3 months ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆15Apr 10, 2025Updated 10 months ago
- How GitHub Actions workflows can be hacked☆177Aug 23, 2024Updated last year
- ☆16Jul 17, 2024Updated last year
- ☆14Jan 8, 2026Updated last month
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆88Mar 2, 2025Updated last year
- Linux CS bypass technique☆32Feb 4, 2025Updated last year
- Proof-of-concept modular implant platform leveraging v8☆54Mar 4, 2025Updated last year
- ☆46Nov 7, 2024Updated last year
- This tools used for Automating finding of subdomain, and checking for alive subdomain, and gathering js files from all the subdomain and …☆22Jun 28, 2024Updated last year
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 10 months ago
- A tool for folks who `git clone` first and ask questions later☆66Sep 12, 2025Updated 5 months ago
- boostsecurityio/poutine☆373Feb 23, 2026Updated last week
- Demonstrates how a malicious dependency could negatively impact the build output.☆25Aug 11, 2023Updated 2 years ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆316Jan 25, 2026Updated last month
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Octoscan is a static vulnerability scanner for GitHub action workflows.☆245Dec 8, 2025Updated 2 months ago
- ☆192Apr 16, 2025Updated 10 months ago
- ☆18Feb 2, 2026Updated last month
- boostsecurityio/lotp☆139Updated this week
- ☆42Nov 13, 2025Updated 3 months ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- Hijack a slack bot to phish your way in☆57Jul 17, 2025Updated 7 months ago
- ☆17Jul 31, 2021Updated 4 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆61Nov 11, 2024Updated last year
- 💅🏽 analyzes your github actions☆98Feb 9, 2026Updated 3 weeks ago
- ☆50Jun 4, 2025Updated 9 months ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Jan 30, 2026Updated last month
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆62Jan 25, 2025Updated last year
- This GitHub Action scans artifacts for secrets using gitleaks before uploading them.☆42Dec 6, 2025Updated 3 months ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- ☆12Feb 4, 2025Updated last year
- ☆89Feb 11, 2022Updated 4 years ago