Forked from carnal0wnage/DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Created
March 24, 2017 12:00
-
-
Save furusiyya/a0f5e1af3611f3bb0e16baa58dcbfda3 to your computer and use it in GitHub Desktop.
Links from Chris Gates/Ken Johnson DevOOPS RSA 17 presentation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links SessionID: HTA-W02 | |
https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains | |
Past talks: | |
http://www.slideshare.net/KenJohnson61/aws-surival-guide | |
[Ken Johnson earlier talk on AWS security, dedicated to using these services (cloudwatch/config/cloudtrail)] | |
https://www.youtube.com/watch?v=g-wy9NdATtA&feature=youtu.be | |
Chris Gates & Ken Johnson - DevOops: Redux - AppSecUSA 2016 | |
https://www.youtube.com/watch?v=VMyp74ct2H0 | |
[nVisium Blog] | |
https://nvisium.com/blog/ | |
[Chris Gates Blog] | |
http://carnal0wnage.attackresearch.com | |
[In the news examples] | |
https://www.quora.com/My-AWS-account-was-hacked-and-I-have-a-50-000-bill-how-can-I-reduce-the-amount-I-need-to-pay | |
https://medium.com/how-i-learned-ruby-rails/how-to-get-robbed-by-insecure-practices-8a1118fe3d7f#.9o81eqare | |
http://www.theregister.co.uk/2015/01/06/dev_blunder_shows_github_crawling_with_keyslurping_bots/ | |
http://searchaws.techtarget.com/news/2240223024/Code-Spaces-goes-dark-after-AWS-cloud-security-hack | |
https://www.databreaches.net/dozens-of-clinics-thousands-of-patients-impacted-by-third-party-data-leak/ | |
https://mackeeper.com/blog/post/275-30-breaches-in-one | |
http://www.techrepublic.com/article/massive-ransomware-attack-takes-out-27000-mongodb-servers/ | |
http://www.pcworld.com/article/3157417/security/after-mongodb-ransomware-groups-hit-exposed-elasticsearch-clusters.html | |
[Slack Logs] | |
https://api.slack.com/methods/team.accessLogs | |
https://github.com/maus-/slack-auditor | |
[GitRob] | |
https://github.com/michenriksen/gitrob | |
[TruffleHog] | |
https://github.com/dxa4481/truffleHog | |
[GitMonitor] | |
https://gitmonitor.com/ | |
[Open Source Tools for monitoring pastebin*] | |
https://github.com/jordan-wright/dumpmon | |
https://github.com/xme/pastemon | |
https://github.com/cvandeplas/pystemon | |
[osquery] | |
https://osquery.io/ | |
[Doorman] | |
https://github.com/mwielgoszewski/doorman | |
[BlockBlock] | |
https://objective-see.com/products/blockblock.html | |
[Little Snitch] | |
https://www.obdev.at/products/littlesnitch/index.html | |
[CarbonBlack] | |
https://www.carbonblack.com/ | |
[StreamAlert] | |
https://github.com/airbnb/streamalert | |
Patch Management | |
[Simian] | |
https://github.com/google/simian | |
[Munki] | |
https://www.munki.org/munki/ | |
[Jenkins] | |
https://wiki.jenkins-ci.org/display/SECURITY/Home | |
https://www.pentestgeek.com/2014/06/13/hacking-jenkins-servers-with-no-password/ | |
http://www.labofapenetrationtester.com/2014/06/hacking-jenkins-servers.html | |
http://zeroknock.blogspot.com/search/label/Hacking%20Jenkins | |
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_script_console.rb | |
[ElasticSearch] | |
http://carnal0wnage.attackresearch.com/2017/01/devooops-elasticsearch.html | |
In-Memory Databases | |
[Redis] | |
https://redis.io/topics/security | |
http://antirez.com/news/96 | |
http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ | |
https://gist.github.com/lokielse/d4e62ae1bb2d5da50ec04aadccc6edf1 | |
[Memcache] | |
http://www.slideshare.net/wallarm/us-14novikovthenewpageofinjectionsbookmemcachedinjectionswp | |
http://infiltrate.tumblr.com/post/38565427/hacking-memcache | |
http://www.darkcoding.net/software/memcached-list-all-keys/ | |
https://5mins.wordpress.com/2011/04/25/plaidctf-django-challenge-writeup-web-300/ | |
http://www.slideshare.net/sensepost/cache-on-delivery | |
http://blog.couchbase.com/memcached-go-derper-black-hat-and-amazon-web-services-aws-security-bulletin | |
https://lincolnloop.com/blog/playing-pickle-security/ | |
https://www.sensepost.com/blog/2010/playing-with-python-pickle-%231/ | |
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/memcached_extractor.rb | |
Big Data | |
[Hadoop] | |
http://archive.hack.lu/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf | |
https://hadoopecosystemtable.github.io/ | |
[Vagrant] | |
http://carnal0wnage.attackresearch.com/2017/01/devooops-client-provisioning-vagrant.html | |
[Docker] | |
https://zeltser.com/security-risks-and-benefits-of-docker-application/ | |
https://blog.docker.com/2014/06/docker-container-breakout-proof-of-concept-exploit/ | |
http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-security | |
https://www.blackhat.com/docs/eu-15/materials/eu-15-Bettini-Vulnerability-Exploitation-In-Docker-Container-Environments-wp.pdf | |
https://www.sumologic.com/blog-security/securing-docker-containers/ | |
https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-10pdf/ | |
[Shipyard] | |
https://github.com/shipyard/shipyard | |
[AWS - Vulnerable Webapps] | |
https://www.blackhat.com/docs/us-14/materials/us-14-Riancho-Pivoting-In-Amazon-Clouds-WP.pdf | |
https://andresriancho.github.io/nimbostratus/ | |
[Review S3 buckets to determine security policy] | |
https://gist.github.com/cktricky/faf0f40116e535a055b7412458136917 | |
[Ken Johnson earlier talk on AWS security, dedicated to using these services (cloudwatch/config/cloudtrail)] | |
https://www.youtube.com/watch?v=g-wy9NdATtA&feature=youtu.be | |
[Tool to list the monitoring services configuration] | |
CloudWatch / CloudTrail / Config | |
https://gist.github.com/cktricky/f19e8d55ea5dcb1fdade6ede588c6576 | |
[Review “Well Architected Framework” from AWS which discuss monitoring and other controls] | |
http://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf | |
[Tool to inspect each user’s permissions] | |
https://gist.github.com/cktricky/257990df2f36aa3a01a8809777d49f5d | |
[If you’re using something like Paperclip + Rails, try Fog to leverage Roles] | |
https://github.com/thoughtbot/paperclip/issues/1591 | |
[Backdooring AWS accounts] | |
https://danielgrzelak.com/backdooring-an-aws-account-da007d36f8f9#.e341mt8zn | |
https://danielgrzelak.com/exploring-an-aws-account-after-pwning-it-ff629c2aae39#.7198xyt30 | |
https://danielgrzelak.com/disrupting-aws-logging-a42e437d6594#.nb8s0ser4 | |
[Gone in 60 Milliseconds - Intrusion and Exfiltration in Server-less Architectures ] | |
https://www.youtube.com/watch?v=YZ058hmLuv0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment