Skip to content
View offensive-actions's full-sized avatar
47 followers · 9 following

Achievements

Achievement: Pull SharkAchievement: Starstruck

Achievements

Achievement: Pull SharkAchievement: Starstruck

Block or report offensive-actions

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. release-tampering-pocs release-tampering-pocs Public

    Proof of Concepts for malicious maintainers: How to Tamper with Releases built with GitHub Actions Worfklows, presented at fwd:cloudsec Europe 2025

    Shell 83 5

  2. terraform-provider-statefile-rce terraform-provider-statefile-rce Public

    This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.

    Go 62 3

  3. azure-storage-reverse-shell azure-storage-reverse-shell Public

    This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs

    Python 39 3

  4. secret-env-exfiltrator secret-env-exfiltrator Public

    A GitHub Action that exfiltrates secrets and environment variables

    1 1