Skip to content

chore(companion): mirror htpx Jenkins CI/CD pairs#74

Merged
Gerrrt merged 2 commits into
mainfrom
claude/dotfiles-round-7-github-b8nut0
Jul 2, 2026
Merged

chore(companion): mirror htpx Jenkins CI/CD pairs#74
Gerrrt merged 2 commits into
mainfrom
claude/dotfiles-round-7-github-b8nut0

Conversation

@Gerrrt

@Gerrrt Gerrrt commented Jul 2, 2026

Copy link
Copy Markdown
Collaborator

Round 13 — Jenkins CI/CD (Kali mirror)

Mirrors the 3 new companion-only red↔blue pairs from htpx (source of truth) into the vendored offensive/companion/ tree, plus the refreshed companion/README.md.

New entries:

  • jenkins-script-consolejenkins-script-console-audit (T1059)
  • jenkins-api-tokenjenkins-api-token-audit (T1098)
  • jenkins-job-backdoorjenkins-job-backdoor-audit (T1072)

Self-hosted CI pairs, so no flat-view generation./offensive/companion/gen-views.sh --check confirms PURPLE-TEAM.md and hacktheplanet stay untouched. Entries + README byte-identical to htpx (verified with diff). companion.lock left alone (subtree bump lands via the htpx release fan-out).

🤖 Generated with Claude Code


Generated by Claude Code

Sync the 3 new companion-only red↔blue pairs from htpx (source of truth) into the
vendored offensive/companion/ tree, plus the refreshed README:

- jenkins-script-console ↔ jenkins-script-console-audit (T1059)
- jenkins-api-token ↔ jenkins-api-token-audit (T1098)
- jenkins-job-backdoor ↔ jenkins-job-backdoor-audit (T1072)

Self-hosted CI pairs, so no flat-view generation — gen-views.sh --check confirms
PURPLE-TEAM.md / hacktheplanet stay untouched. Entries + README byte-identical to
htpx; companion.lock left alone (subtree bump lands via the htpx release fan-out).

Co-Authored-By: Claude <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_011spYcGfeP4a3RNQQVDrGtW
Copilot AI review requested due to automatic review settings July 2, 2026 06:31

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Mirrors three new companion-only Jenkins CI/CD red↔blue entry pairs into offensive/companion/ and updates the companion corpus README to include the new Jenkins rows/counts.

Changes:

  • Add three Jenkins red attack entries: Script Console RCE, API token persistence, and job/pipeline backdoor.
  • Add three matching Jenkins blue detections using Jenkins Audit Trail plugin telemetry (Splunk SPL).
  • Update offensive/companion/README.md to reflect the expanded corpus and list the new Jenkins pairs.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
offensive/companion/README.md Updates corpus count/summary and adds Jenkins rows to the red↔blue table.
offensive/companion/entries/red/jenkins-script-console.md New red entry documenting Script Console RCE technique and example request.
offensive/companion/entries/red/jenkins-job-backdoor.md New red entry documenting malicious job/pipeline backdoor technique and example request.
offensive/companion/entries/red/jenkins-api-token.md New red entry documenting user API token persistence and example request.
offensive/companion/entries/blue/jenkins-script-console-audit.md New blue detection entry for Script Console usage in Jenkins audit logs (SPL).
offensive/companion/entries/blue/jenkins-job-backdoor-audit.md New blue detection entry for job create/reconfigure activity in Jenkins audit logs (SPL).
offensive/companion/entries/blue/jenkins-api-token-audit.md New blue detection entry for API token creation activity in Jenkins audit logs (SPL).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread offensive/companion/entries/blue/jenkins-api-token-audit.md Outdated
Comment thread offensive/companion/entries/blue/jenkins-job-backdoor-audit.md Outdated
Comment thread offensive/companion/entries/blue/jenkins-job-backdoor-audit.md Outdated
Comment thread offensive/companion/entries/red/jenkins-job-backdoor.md Outdated
Mirror the htpx corrections: job-backdoor scoped to `/job/<name>/configSubmit`,
api-token scoped to `ApiTokenProperty/generateNewToken`, leading slashes, and the
README platform-list rewording. Entries + README byte-identical to htpx;
gen-views.sh --check clean; companion.lock untouched.

Co-Authored-By: Claude <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_011spYcGfeP4a3RNQQVDrGtW
@Gerrrt Gerrrt merged commit b16c6c8 into main Jul 2, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants