
GHPscanner


readme

# GHPscanner - GitHub Pages Security Framework

A comprehensive security assessment framework for GitHub Pages hosting environments. GHPscanner identifies and exploits vulnerabilities in GitHub Pages deployments with real, working exploits.

## Features

### Scanning Modules

- **Subdomain Takeover Detection** - Identify vulnerable DNS configurations
- **CSP Header Analysis** - Check Content Security Policy weaknesses
- **Jekyll Build Process Audit** - Analyze Jekyll configuration files
- **XSS Vulnerability Scanning** - Detect cross-site scripting vectors
- **GitHub Actions Workflow Audit** - Review CI/CD pipeline security
- **SSL/TLS Configuration Check** - Verify certificate and encryption settings

### Exploitation Modules

- **Real Subdomain Takeover** - Generate takeover payloads and scripts
- **CSP Bypass & Data Exfiltration** - Multiple techniques to bypass Content Security Policies
- **Jekyll Build Process Injection** - Malicious plugin injection for persistent backdoors
- **XSS Payload Delivery** - Cookie stealing, redirects, and keyloggers
- **GitHub Actions RCE** - Reverse shell deployment through workflows
- **SSL Stripping & MITM** - Network-level attacks for interception

![Screenshot_2025-11-13_20_26_44](https://github.com/user-attachments/assets/f32b1afe-7c1e-4933-9193-1e77d8d38d74)

## Installation

### Prerequisites

- Kali Linux (recommended) or any Linux distribution
- Python 3.8+
- Root access (for some modules)

### Installation

```bash
# Install system dependencies
sudo apt update && sudo apt upgrade -y
sudo apt install -y python3-pip git dnsutils whois

# Install exploitation tools
sudo apt install -y sslstrip dsniff mitmproxy
```

### Quick Setup

```bash
# Clone the repository
git clone https://github.com/ekomsSavior/GHPscanner.git
cd GHPscanner

# Install dependencies
pip3 install -r requirements.txt

# Run the framework
python3 ghp_scanner.py
```

## Usage

### Basic Operation

```bash
python3 ghp_scanner.py
```

### Framework Workflow

1. **Target Management** - Add domains or GitHub repositories
2. **Vulnerability Scanning** - Comprehensive security assessment
3. **Exploitation** - Launch real attacks against identified vulnerabilities
4. **Reporting** - Generate detailed security reports

### RUN GHPscanner

```bash
python3 ghp_scanner.py
```

## Modules Overview

### Scanning Capabilities

- **Subdomain Takeover**: Detects dangling DNS records pointing to unclaimed GitHub Pages
- **CSP Analysis**: Identifies weak Content Security Policy configurations
- **Jekyll Audit**: Checks for exposed configuration files and build vulnerabilities
- **XSS Scanning**: Finds reflection points and injection vectors
- **Workflow Security**: Audits GitHub Actions for RCE opportunities
- **SSL Verification**: Validates certificate configuration and encryption

### Exploitation Features

- **Takeover Exploits**: Generate complete takeover pages with data exfiltration
- **CSP Bypasses**: Multiple techniques including JSONP, AngularJS, and CSS exfiltration
- **Jekyll Backdoors**: Ruby plugins that inject malicious JavaScript during build
- **XSS Payloads**: Ready-to-use payloads for cookie theft and user redirection
- **RCE Workflows**: GitHub Actions that provide reverse shell access
- **MITM Attacks**: SSL stripping scripts for network interception

## Reporting

Generate comprehensive reports in multiple formats:

- **HTML** - Interactive web reports
- **JSON** - Machine-readable output
- **Markdown** - Documentation-friendly format

## Legal & Ethical Use

**IMPORTANT**: This tool is designed for:

- Security research and education
- Authorized penetration testing
- Improving organizational security

**DO NOT USE** for:

- Unauthorized testing
- Malicious activities
- Illegal purposes

Always ensure you have explicit permission before testing any systems.

## Defensive Recommendations

After using GHPscanner, implement these security measures:

1. **DNS Security**
   - Regularly audit CNAME records
   - Monitor for subdomain takeovers
   - Use proper DNS monitoring
2. **Content Security**
   - Implement strict CSP headers
   - Avoid 'unsafe-inline' and 'unsafe-eval'
   - Regularly audit third-party scripts
3. **Build Process Security**
   - Review Jekyll plugins regularly
   - Secure environment variables
   - Monitor build logs for anomalies
4. **CI/CD Security**
   - Review GitHub Actions workflows
   - Limit token permissions
   - Implement code review for workflows

---

# By: **ek0ms savi0r**

[ekomsSavior](https://github.com/ekomsSavior)

---

## **Disclaimer**: This tool is for educational and authorized testing purposes only. The author is not responsible for any misuse or damage caused by this tool. Always ensure proper authorization before conducting security assessments.
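For the Content Security recommendation above (strict CSP, no 'unsafe-inline' or 'unsafe-eval'), here is one way to check a policy string on your own site. This is an added example, not GHPscanner code; the function names, finding codes and sample policies are assumptions made for illustration.

```python
# Added example (not GHPscanner code): audit one Content-Security-Policy value.
HASH_OR_NONCE = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")
BROAD = {"*", "http:", "https:", "data:"}

def parse_csp(header):
    """Split a CSP header value into {directive: [source, ...]}."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens:
            # A repeated directive is ignored by browsers: the first one wins.
            # Sources are lower-cased for keyword matching only.
            policy.setdefault(tokens[0].lower(), [t.lower() for t in tokens[1:]])
    return policy

def audit_csp(header):
    """Return (code, detail) findings for the weaknesses named in the README."""
    policy = parse_csp(header)
    findings = []
    # script-src falls back to default-src when it is absent.
    name = next((d for d in ("script-src", "default-src") if d in policy), None)
    if name is None:
        findings.append(("no-script-policy", "scripts are not restricted at all"))
    else:
        src = policy[name]
        strict = any(s.startswith(HASH_OR_NONCE) for s in src)
        # Browsers ignore 'unsafe-inline' once a nonce or hash is present.
        if "'unsafe-inline'" in src and not strict:
            findings.append(("unsafe-inline", f"{name} allows inline script"))
        if "'unsafe-eval'" in src:
            findings.append(("unsafe-eval", f"{name} allows eval()"))
        broad = sorted(s for s in src if s in BROAD or s.startswith("*."))
        # With 'strict-dynamic', host and scheme sources are ignored.
        if broad and "'strict-dynamic'" not in src:
            findings.append(("broad-source", f"{name} allows {' '.join(broad)}"))
    if "object-src" not in policy and "default-src" not in policy:
        findings.append(("no-object-src", "plugin content is unrestricted"))
    if "base-uri" not in policy:  # base-uri has no default-src fallback
        findings.append(("no-base-uri", "<base> can re-point relative script URLs"))
    return findings

# Constructed sample policies.
WEAK = "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:"
STRICT = "default-src 'none'; script-src 'nonce-r4nd0m' 'strict-dynamic'; base-uri 'none'"

if __name__ == "__main__":
    for label, value in (("weak", WEAK), ("strict", STRICT)):
        print(label, [code for code, _ in audit_csp(value)] or "no findings")
```

GitHub Pages does not let a site set custom response headers, so on a Pages site the policy string would come from a `<meta http-equiv="Content-Security-Policy">` tag; the value is parsed the same way.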


license

MIT License

Copyright (c) 2026 ek0mssavi0r

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

USE AT YOUR OWN RISK. NO WARRANTY PROVIDED.