Forked from carnal0wnage/DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Created
August 23, 2018 13:04
Links from Chris Gates/Ken Johnson DevOOPS RSA 17 presentation
RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links SessionID: HTA-W02
https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains
Recording of talk from CERN
https://indico.cern.ch/event/622483/ (click the recording button)
Past talks:
http://www.slideshare.net/KenJohnson61/aws-surival-guide
[Ken Johnson earlier talk on AWS security, dedicated to using these services (cloudwatch/config/cloudtrail)]
https://www.youtube.com/watch?v=g-wy9NdATtA&feature=youtu.be
Chris Gates & Ken Johnson - DevOops: Redux - AppSecUSA 2016
https://www.youtube.com/watch?v=VMyp74ct2H0
[nVisium Blog]
https://nvisium.com/blog/
[Chris Gates Blog]
http://carnal0wnage.attackresearch.com
[In the news examples]
https://www.quora.com/My-AWS-account-was-hacked-and-I-have-a-50-000-bill-how-can-I-reduce-the-amount-I-need-to-pay
https://medium.com/how-i-learned-ruby-rails/how-to-get-robbed-by-insecure-practices-8a1118fe3d7f#.9o81eqare
http://www.theregister.co.uk/2015/01/06/dev_blunder_shows_github_crawling_with_keyslurping_bots/
http://searchaws.techtarget.com/news/2240223024/Code-Spaces-goes-dark-after-AWS-cloud-security-hack
https://www.databreaches.net/dozens-of-clinics-thousands-of-patients-impacted-by-third-party-data-leak/
https://mackeeper.com/blog/post/275-30-breaches-in-one
http://www.techrepublic.com/article/massive-ransomware-attack-takes-out-27000-mongodb-servers/
http://www.pcworld.com/article/3157417/security/after-mongodb-ransomware-groups-hit-exposed-elasticsearch-clusters.html
[Slack Logs]
https://api.slack.com/methods/team.accessLogs
https://github.com/maus-/slack-auditor
[GitRob]
https://github.com/michenriksen/gitrob
[TruffleHog]
https://github.com/dxa4481/truffleHog
[GitMonitor]
https://gitmonitor.com/
[Open Source Tools for monitoring pastebin*]
https://github.com/jordan-wright/dumpmon
https://github.com/xme/pastemon
https://github.com/cvandeplas/pystemon
[osquery]
https://osquery.io/
[Doorman]
https://github.com/mwielgoszewski/doorman
[BlockBlock]
https://objective-see.com/products/blockblock.html
[Little Snitch]
https://www.obdev.at/products/littlesnitch/index.html
[CarbonBlack]
https://www.carbonblack.com/
[StreamAlert]
https://github.com/airbnb/streamalert
Patch Management
[Simian]
https://github.com/google/simian
[Munki]
https://www.munki.org/munki/
[Jenkins]
https://wiki.jenkins-ci.org/display/SECURITY/Home
https://www.pentestgeek.com/2014/06/13/hacking-jenkins-servers-with-no-password/
http://www.labofapenetrationtester.com/2014/06/hacking-jenkins-servers.html
http://zeroknock.blogspot.com/search/label/Hacking%20Jenkins
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_script_console.rb
[ElasticSearch]
http://carnal0wnage.attackresearch.com/2017/01/devooops-elasticsearch.html
In-Memory Databases
[Redis]
https://redis.io/topics/security
http://antirez.com/news/96
http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/
https://gist.github.com/lokielse/d4e62ae1bb2d5da50ec04aadccc6edf1
[Memcache]
http://www.slideshare.net/wallarm/us-14novikovthenewpageofinjectionsbookmemcachedinjectionswp
http://infiltrate.tumblr.com/post/38565427/hacking-memcache
http://www.darkcoding.net/software/memcached-list-all-keys/
https://5mins.wordpress.com/2011/04/25/plaidctf-django-challenge-writeup-web-300/
http://www.slideshare.net/sensepost/cache-on-delivery
http://blog.couchbase.com/memcached-go-derper-black-hat-and-amazon-web-services-aws-security-bulletin
https://lincolnloop.com/blog/playing-pickle-security/
https://www.sensepost.com/blog/2010/playing-with-python-pickle-%231/
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/memcached_extractor.rb
Big Data
[Hadoop]
http://archive.hack.lu/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf
https://hadoopecosystemtable.github.io/
[Vagrant]
http://carnal0wnage.attackresearch.com/2017/01/devooops-client-provisioning-vagrant.html
[Docker]
https://zeltser.com/security-risks-and-benefits-of-docker-application/
https://blog.docker.com/2014/06/docker-container-breakout-proof-of-concept-exploit/
http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-security
https://www.blackhat.com/docs/eu-15/materials/eu-15-Bettini-Vulnerability-Exploitation-In-Docker-Container-Environments-wp.pdf
https://www.sumologic.com/blog-security/securing-docker-containers/
https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-10pdf/
[Shipyard]
https://github.com/shipyard/shipyard
[AWS - Vulnerable Webapps]
https://www.blackhat.com/docs/us-14/materials/us-14-Riancho-Pivoting-In-Amazon-Clouds-WP.pdf
https://andresriancho.github.io/nimbostratus/
[Review S3 buckets to determine security policy]
https://gist.github.com/cktricky/faf0f40116e535a055b7412458136917
[Ken Johnson earlier talk on AWS security, dedicated to using these services (cloudwatch/config/cloudtrail)]
https://www.youtube.com/watch?v=g-wy9NdATtA&feature=youtu.be
[Tool to list the monitoring services configuration]
CloudWatch / CloudTrail / Config
https://gist.github.com/cktricky/f19e8d55ea5dcb1fdade6ede588c6576
[Review “Well Architected Framework” from AWS, which discusses monitoring and other controls]
http://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf
[Tool to inspect each user’s permissions]
https://gist.github.com/cktricky/257990df2f36aa3a01a8809777d49f5d
[If you’re using something like Paperclip + Rails, try Fog to leverage Roles]
https://github.com/thoughtbot/paperclip/issues/1591
[Backdooring AWS accounts]
https://danielgrzelak.com/backdooring-an-aws-account-da007d36f8f9#.e341mt8zn
https://danielgrzelak.com/exploring-an-aws-account-after-pwning-it-ff629c2aae39#.7198xyt30
https://danielgrzelak.com/disrupting-aws-logging-a42e437d6594#.nb8s0ser4
[Gone in 60 Milliseconds - Intrusion and Exfiltration in Server-less Architectures]
https://www.youtube.com/watch?v=YZ058hmLuv0
[Scout 2 AWS Auditing]
https://github.com/nccgroup/Scout2