From f76c04125e9c0dd84a52880955f1854cc68e2322 Mon Sep 17 00:00:00 2001
From: Asi Greenholts <88270351+TupleType@users.noreply.github.com>
Date: Sun, 7 Jul 2024 15:16:53 +0300
Subject: [PATCH 1/2] Add GHTorrent project

---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 720c813..f9e3dab 100644
--- a/README.md
+++ b/README.md
@@ -85,9 +85,10 @@ A curated list of unique and useful CI/CD attack techniques.
 - [Working as unexpected](https://www.chainguard.dev/unchained/working-as-unexpected) - Creating a GitHub branch that matches a branch protection rule pattern with a workflow file that triggers on push to gain access to environment secrets.
 - [Zuckerpunch - Abusing Self Hosted GitHub Runners at Facebook](https://marcyoung.us/post/zuckerpunch/) - Hide commits in a GitHub PR.
 
-## Offensive Tools
+## Tools
 - [ADOKit](https://github.com/xforcered/ADOKit) - Azure DevOps Services Attack Toolkit.
 - [Gato](https://github.com/praetorian-inc/gato) - GitHub Attack Toolkit.
+- [GHTorrent Project](http://ghtorrent-downloads.ewi.tudelft.nl/mysql/) - A queryable offline mirror of the GitHub API data. (Tutorial)[https://ghtorrent.github.io/tutorial/].
 - [git-dumper](https://github.com/arthaud/git-dumper) - Dump Git repository from a website.
 - [GitFive](https://github.com/mxrch/gitfive) - OSINT tool to investigate GitHub profiles.
 - [Grep.app](https://grep.app/) - Search GitHub using regex.

From 8d6e0c2b6784f475cd4b354cf86a6b4062f0fe64 Mon Sep 17 00:00:00 2001
From: Asi Greenholts <88270351+TupleType@users.noreply.github.com>
Date: Sun, 7 Jul 2024 15:20:10 +0300
Subject: [PATCH 2/2] Fix linting

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index f9e3dab..befa4be 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@ Practical resources for offensive CI/CD security research.
   - [Initial Code Execution](#initial-code-execution)
   - [Post Exploitation](#post-exploitation)
   - [Defense Evasion](#defense-evasion)
-- [Offensive Tools](#offensive-tools)
+- [Tools](#tools)
 - [Case Studies](#case-studies)
 - [Similar Projects](#similar-projects)
 
@@ -88,7 +88,7 @@ A curated list of unique and useful CI/CD attack techniques.
 ## Tools
 - [ADOKit](https://github.com/xforcered/ADOKit) - Azure DevOps Services Attack Toolkit.
 - [Gato](https://github.com/praetorian-inc/gato) - GitHub Attack Toolkit.
-- [GHTorrent Project](http://ghtorrent-downloads.ewi.tudelft.nl/mysql/) - A queryable offline mirror of the GitHub API data. (Tutorial)[https://ghtorrent.github.io/tutorial/].
+- [GHTorrent Project](http://ghtorrent-downloads.ewi.tudelft.nl/mysql/) - A queryable offline mirror of the GitHub API data. [Tutorial](https://ghtorrent.github.io/tutorial/).
 - [git-dumper](https://github.com/arthaud/git-dumper) - Dump Git repository from a website.
 - [GitFive](https://github.com/mxrch/gitfive) - OSINT tool to investigate GitHub profiles.
 - [Grep.app](https://grep.app/) - Search GitHub using regex.