Insecure GitHub Webhooks

Checks for GitHub organizations with insecure webhooks. A webhook is considered insecure if the URL uses the HTTP protocol, if SSL verification is disabled or the webhook secret is empty.

Examples

Insecure Example

Secure Example

More information

• GitHub Documentation - Securing your webhooks