Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DO NOT MERGE] Test if GitHub PRs can leak secrets #1

Closed
wants to merge 1 commit into from
Closed

[DO NOT MERGE] Test if GitHub PRs can leak secrets #1

wants to merge 1 commit into from

Commits on Nov 18, 2022

  1. [DO NOT MERGE] Test if GitHub PRs can leak secrets 

    This is an attempt to extract the AWS key associated with `CACHES_AWS_ACCESS_KEY_ID` via a pull request. This secret is not considered sensitive.

This attack is done in coordination with the Security Response WG and for educational purposes only.

cc @pietroalbini @cuviper
    Lukas Markeffsky committed Nov 18, 2022
    Configuration menu
    Copy the full SHA
    ec96d39 View commit details
    Browse the repository at this point in the history