Our Red Team has explored and exploited vulnerabilities in the CI/CD space over the last several years, resulting in numerous successful offensive operations, open-source tool development, and presentations at Black Hat, DEF CON, and Schmoocon.
With organizations increasingly relying on automated deployment pipelines, securing CI/CD infrastructure has become more critical than ever — yet many teams still struggle to identify and mitigate these complex attack vectors. Through hands-on experience with platforms like GitHub, GitLab, and Jenkins, we’ve shown how attackers can abuse misconfigurations, escalate privileges, and compromise entire supply chains through DevOps platforms.
Now, we’re packaging everything we’ve learned into a new training at Black Hat built to give engineers the practical skills needed to attack and defend modern CI/CD systems.
Research Highlights
Our team continuously contributes to supply chain security through meaningful research, routinely uncovering novel vulnerabilities and sharing insights with the broader security community. Our recent work includes:
- CodeQLEAKED – Public Secrets Exposure Leads to Supply Chain Attack on GitHub CodeQL
- We discovered that a GitHub Actions workflow in the CodeQL repository briefly exposed a GitHub token within a debug artifact. Despite its short lifespan, the token had write permissions, allowing repository compromise and highlighting serious supply chain risks.
- TensorFlow Supply Chain Compromise via Self-Hosted Runner Attack
- Praetorian researchers identified a misconfiguration in the TensorFlow repository that could allow an external attacker to compromise the repository’s self-hosted runners. An attacker could steal secrets through runner post-exploitation and workflow runtime tampering, leading to a full-scale supply chain attack.
- Compromising ByteDance’s Rspack using GitHub Actions Vulnerabilities
- Our team uncovered vulnerabilities in ByteDance’s Rspack repository where GitHub Actions workflows could be triggered by specific comments, leading to the execution of untrusted code. Exploitation of these flaws allowed for the compromise of NPM deployment tokens and GitHub Personal Access Tokens.
Supply Chain Security Tools
In the spirit of Praetorian, we love to build tools—many of which power our internal platform, Chariot.
- GATO (Github Attack ToolKit)
- Identifies and exploits misconfigurations in GitHub Actions workflows. It supports mapping pipelines, privilege escalation, and secrets extraction.
- GitPhish
- Automates GitHub OAuth device code phishing. Demonstrates how attackers can trick users into granting token-based access.
- Nosey Parker
- Scans files and Git history for secrets like credentials and API keys. Fast, flexible, and suitable for red and blue team use.
- Glato (GitLab Attack ToolKit) – BlackHat 2025 Release
- Brings Gato’s capabilities to GitLab, helping uncover and exploit CI/CD pipeline vulnerabilities.
Supply Chain Security Training At Black Hat 2025
We’re excited to present everything we’ve learned about CI/CD security into a comprehensive training course that we will be debuting this year at BlackHat Trainings on August 2nd-3rd and August 4th-5th.
Praetorian designed this course for intermediate to advanced security professionals who want to gain deep, hands-on experience in CI/CD pipeline security. Led by Mason Davis, Matthew Jackoski, and John Stawinski—researchers behind the discovery of CI/CD vulnerabilities in major open-source projects and Fortune 100s—this training walks participants through real-world techniques in a fully provisioned lab environment.
Whether you’re an AppSec engineer exploring pipeline risks, a red teamer targeting CI/CD infrastructure, or a DevSecOps professional defending workflow configurations, you’ll leave with practical skills and context you can immediately apply.
Over two intensive days, you’ll gain practical experience with:
- Initial access techniques like Personal Access Token abuse and secrets exfiltration
- Advanced attacks, including self-hosted runner compromise, post-exploitation, and cross-repository tampering
- Runner implantation, workflow tampering, and OIDC token abuse in public repositories
- Real-world scenarios across GitHub Actions, GitLab, and Jenkins
No setup is required—just bring your browser. We’ll provide the entire lab infrastructure.
Training Details:
- When: August 2nd/3rd and 4th/5th, 2025
- Where: BlackHat USA 2025, Las Vegas
- Registration: August 2nd-3rd and August 4th-5th
- Questions? Contact us at marketing_team@praetorian.com
