-
You can either specify the URLs of the repositories you want to scan as command-line arguments. Alternatively, the tool will prompt you to enter the URL if none are provided.
-
The tool extracts the username and repository name from the provided URL.
-
It then retrieves the list of workflows defined within the repository using the GitHub API.
-
Each workflow is downloaded and analyzed for the presence of the ${{ ... }} syntax within the run and uses commands of job steps.
-
Workflows containing this syntax are considered potentially vulnerable as they might be susceptible to injection attacks.
-
The tool displays the results, indicating whether any vulnerable workflows were found.
-
If vulnerabilities are detected, it lists the names of the affected workflows for further investigation.
-
Clone the repository or save the script as a Python file.
-
Install required libraries:
pip install requests rich argparse -
Run the script from the command line, specifying repository URLs as arguments:
python check_workflow_vulnerability.py https://github.com/your-username/your-repo-1 https://github.com/your-username/your-repo-2 -
Alternatively, run the script without arguments to be prompted for the repository URL.
- This tool is provided for validation purposes only, always remember to obtain authorization to perform testing.
- The author is not responsible for the use of this tool for illegal purposes