No keys attached: Exploring GitHub-to-AWS keyless authentication flaws | Datadog Security Labs
Tags
| attack-pattern: | Data Credentials - T1589.001 Python - T1059.006 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 99b2976a-9073-4280-8cab-1dadd1bc8692 |
| Fingerprint | bc0416914d724f44 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 27, 2023, midnight |
| Added to db | Nov. 9, 2023, 1:16 a.m. |
| Last updated | Nov. 16, 2024, 8:10 p.m. |
| Headline | No keys attached: Exploring GitHub-to-AWS keyless authentication flaws |
| Title | No keys attached: Exploring GitHub-to-AWS keyless authentication flaws | Datadog Security Labs |
| Detected Hints/Tags/Attributes | 53/1/11 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 230 | ✔ | Datadog Security Labs | https://securitylabs.datadoghq.com/rss/feed.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 3 | token.actions.githubusercontent.com |
|
| Details | Domain | 11 | sts.amazonaws.com |
|
| Details | Domain | 1 | pipelines.actions.githubusercontent.com |
|
| Details | Domain | 1 | mirror.tf |
|
| Details | Domain | 3 | evt.name |
|
| Details | File | 10 | results.json |
|
| Details | File | 72 | response.json |
|
| Details | File | 1 | 'role-arns.txt |
|
| Details | Url | 3 | https://token.actions.githubusercontent.com |
|
| Details | Url | 1 | https://token.actions.githubusercontent.com/.well |
|
| Details | Url | 1 | https://pipelines.actions.githubusercontent.com/... |