GitOops is a tool to help attackers and defenders identify [lateral movement](<https://www.kitploit.com/search/label/Lateral%20Movement> "lateral movement" ) and [privilege escalation](<https://www.kitploit.com/search/label/Privilege%20Escalation> "privilege escalation" ) paths in GitHub organizations by abusing CI/CD pipelines and GitHub [access](<https://www.kitploit.com/search/label/Access> "access" ) controls.
It works by mapping relationships between a GitHub organization and its CI/CD jobs and environment variables. It'll use any Bolt-compatible graph database as backend, so you can query your attack paths with openCypher:

```cypher
MATCH p=(:User{login:"alice"})-[*..5]->(v:EnvironmentVariable)
WHERE v.name =~ ".*SECRET.*"
RETURN p
```
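As an added illustration (not part of the original post or of GitOops itself), the script below runs the equivalent of that query over a small constructed org graph in plain Python, so you can see what a "path from a user to a secret" looks like before standing up a graph database. The node labels come from the query above; the relationship names and the sample nodes are assumptions made for the example.

```python
import re
from collections import deque

# Constructed sample graph in the shape GitOops produces. Node labels (User, Team,
# Repository, EnvironmentVariable) are taken from the page's query; the edge
# names below are assumptions for illustration, not the tool's real schema.
NODES = {
    "alice": "User", "bob": "User",
    "platform": "Team",
    "infra-repo": "Repository", "web-repo": "Repository",
    "AWS_SECRET_ACCESS_KEY": "EnvironmentVariable",
    "NODE_ENV": "EnvironmentVariable",
}
EDGES = {
    "alice": [("MEMBER_OF", "platform")],
    "platform": [("HAS_PERMISSION", "infra-repo")],
    "infra-repo": [("EXPOSES_ENV", "AWS_SECRET_ACCESS_KEY")],
    "bob": [("HAS_PERMISSION", "web-repo")],
    "web-repo": [("EXPOSES_ENV", "NODE_ENV")],
}

def find_paths(start, label, name_re, max_hops=5):
    """Mirror of MATCH p=(start)-[*..max_hops]->(v:label) WHERE v.name =~ name_re.

    Returns every path (list of node ids) of 1..max_hops hops from `start` to a
    node carrying `label` whose name fully matches `name_re` (Cypher's =~ is a
    whole-string match, hence fullmatch). Nodes are not revisited, so the
    breadth-first walk always terminates.
    """
    pattern = re.compile(name_re)
    found = []
    queue = deque([[start]])
    while queue:
        path = queue.popleft()
        node = path[-1]
        if node != start and NODES.get(node) == label and pattern.fullmatch(node):
            found.append(path)
        if len(path) - 1 >= max_hops:       # hop budget exhausted on this branch
            continue
        for _rel, nxt in EDGES.get(node, []):
            if nxt not in path:
                queue.append(path + [nxt])
    return found

if __name__ == "__main__":
    for p in find_paths("alice", "EnvironmentVariable", ".*SECRET.*"):
        print(" -> ".join(p))
```

On the sample graph only alice reaches a SECRET-named variable (via her team's repository access); bob's only path ends at a non-secret variable, which is exactly the distinction a defender wants the real query to surface.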
GitOops takes inspiration from tools like [Bloodhound](<https://github.com/BloodHoundAD/BloodHound> "Bloodhound" ) and [Cartography](<https://github.com/lyft/cartography> "Cartography" ).
Check out the [docs](<https://github.com/ovotech/gitoops/blob/main/docs/README.md> "docs" ) and [more example queries](<https://github.com/ovotech/gitoops/blob/main/docs/examples.md> "more example queries" ).
**[Download Gitoops](<https://github.com/ovotech/gitoops/> "Download Gitoops" )**
Published by KitPloit on 2021-10-09 at http://www.kitploit.com/2021/10/gitoops-all-paths-lead-to-clouds.html