GitPhish is an automated tool that exploits GitHub’s OAuth device code flow to gain unauthorized access to repositories, secrets, and CI/CD systems. Learn how it works, how to use it, and how to mitigate this emerging phishing technique.
GitPhish is an automated tool that exploits GitHub’s OAuth device code flow to gain unauthorized access to repositories, secrets, and CI/CD systems. Learn how it works, how to use it, and how to mitigate this emerging phishing technique.