Add option to generate code excution commands/steps

Question

Add option to generate code excution commands/steps

Opened this issue a year ago · 1 comments

This is supposed to be fuctinality added to report sub-command.
After quering neo4j and finding vulnerable workflows or actions, it should print an explanation about the exploit, and how it could be exploited - for example -
"Command injection through PR name is possible in this workflow -
PR NAME = 'foo";{bash_command} "'

Answer 1 · 2023-11-05T12:16:10.000Z

This may be a feature for the new query library.
How I see it, we can implement an additional field for the each query, like attack-path, that explains the risk in the specified query.
I some queries we should explain the best practice reasoning (like pinned hashes), in other queries (like injection ones), we can show a demonstration for an exploit. This should be an optional field though.
WDYT @oreenlivnicode @elad-pticha ?