When we’re investigating a security vulnerability, we might download a PoC (Proof of Concept) to help with our remediation. Researchers have analysed around 47,000 such repositories on GitHub and found around 10% of them were malicious, themselves containing malware. This tells us that blindly trusting a repository on GitHub from an unverified source is a bad idea. Content on there is not moderated, so it falls on the users to review it before using it. We should follow these three steps to stay safe. First read the code carefully before running it. Second sandbox it if its too obfuscated and lastly use open-source intelligence tools like VirusTotal to analyze any binaries.
This segment was created for the It’s 5:05 podcast