Forked from carnal0wnage/DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Created
March 26, 2017 12:58
-
-
Save widnyana/9f9551dd31c950cf844412a826b16679 to your computer and use it in GitHub Desktop.
Links from Chris Gates/Ken Johnson DevOOPS RSA 17 presentation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links SessionID: HTA-W02 | |
| https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains | |
| Past talks: | |
| http://www.slideshare.net/KenJohnson61/aws-surival-guide | |
| [Ken Johnson earlier talk on AWS security, dedicated to using these services (cloudwatch/config/cloudtrail)] | |
| https://www.youtube.com/watch?v=g-wy9NdATtA&feature=youtu.be | |
| Chris Gates & Ken Johnson - DevOops: Redux - AppSecUSA 2016 | |
| https://www.youtube.com/watch?v=VMyp74ct2H0 | |
| [nVisium Blog] | |
| https://nvisium.com/blog/ | |
| [Chris Gates Blog] | |
| http://carnal0wnage.attackresearch.com | |
| [In the news examples] | |
| https://www.quora.com/My-AWS-account-was-hacked-and-I-have-a-50-000-bill-how-can-I-reduce-the-amount-I-need-to-pay | |
| https://medium.com/how-i-learned-ruby-rails/how-to-get-robbed-by-insecure-practices-8a1118fe3d7f#.9o81eqare | |
| http://www.theregister.co.uk/2015/01/06/dev_blunder_shows_github_crawling_with_keyslurping_bots/ | |
| http://searchaws.techtarget.com/news/2240223024/Code-Spaces-goes-dark-after-AWS-cloud-security-hack | |
| https://www.databreaches.net/dozens-of-clinics-thousands-of-patients-impacted-by-third-party-data-leak/ | |
| https://mackeeper.com/blog/post/275-30-breaches-in-one | |
| http://www.techrepublic.com/article/massive-ransomware-attack-takes-out-27000-mongodb-servers/ | |
| http://www.pcworld.com/article/3157417/security/after-mongodb-ransomware-groups-hit-exposed-elasticsearch-clusters.html | |
| [Slack Logs] | |
| https://api.slack.com/methods/team.accessLogs | |
| https://github.com/maus-/slack-auditor | |
| [GitRob] | |
| https://github.com/michenriksen/gitrob | |
| [TruffleHog] | |
| https://github.com/dxa4481/truffleHog | |
| [GitMonitor] | |
| https://gitmonitor.com/ | |
| [Open Source Tools for monitoring pastebin*] | |
| https://github.com/jordan-wright/dumpmon | |
| https://github.com/xme/pastemon | |
| https://github.com/cvandeplas/pystemon | |
| [osquery] | |
| https://osquery.io/ | |
| [Doorman] | |
| https://github.com/mwielgoszewski/doorman | |
| [BlockBlock] | |
| https://objective-see.com/products/blockblock.html | |
| [Little Snitch] | |
| https://www.obdev.at/products/littlesnitch/index.html | |
| [CarbonBlack] | |
| https://www.carbonblack.com/ | |
| [StreamAlert] | |
| https://github.com/airbnb/streamalert | |
| Patch Management | |
| [Simian] | |
| https://github.com/google/simian | |
| [Munki] | |
| https://www.munki.org/munki/ | |
| [Jenkins] | |
| https://wiki.jenkins-ci.org/display/SECURITY/Home | |
| https://www.pentestgeek.com/2014/06/13/hacking-jenkins-servers-with-no-password/ | |
| http://www.labofapenetrationtester.com/2014/06/hacking-jenkins-servers.html | |
| http://zeroknock.blogspot.com/search/label/Hacking%20Jenkins | |
| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_script_console.rb | |
| [ElasticSearch] | |
| http://carnal0wnage.attackresearch.com/2017/01/devooops-elasticsearch.html | |
| In-Memory Databases | |
| [Redis] | |
| https://redis.io/topics/security | |
| http://antirez.com/news/96 | |
| http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ | |
| https://gist.github.com/lokielse/d4e62ae1bb2d5da50ec04aadccc6edf1 | |
| [Memcache] | |
| http://www.slideshare.net/wallarm/us-14novikovthenewpageofinjectionsbookmemcachedinjectionswp | |
| http://infiltrate.tumblr.com/post/38565427/hacking-memcache | |
| http://www.darkcoding.net/software/memcached-list-all-keys/ | |
| https://5mins.wordpress.com/2011/04/25/plaidctf-django-challenge-writeup-web-300/ | |
| http://www.slideshare.net/sensepost/cache-on-delivery | |
| http://blog.couchbase.com/memcached-go-derper-black-hat-and-amazon-web-services-aws-security-bulletin | |
| https://lincolnloop.com/blog/playing-pickle-security/ | |
| https://www.sensepost.com/blog/2010/playing-with-python-pickle-%231/ | |
| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/memcached_extractor.rb | |
| Big Data | |
| [Hadoop] | |
| http://archive.hack.lu/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf | |
| https://hadoopecosystemtable.github.io/ | |
| [Vagrant] | |
| http://carnal0wnage.attackresearch.com/2017/01/devooops-client-provisioning-vagrant.html | |
| [Docker] | |
| https://zeltser.com/security-risks-and-benefits-of-docker-application/ | |
| https://blog.docker.com/2014/06/docker-container-breakout-proof-of-concept-exploit/ | |
| http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-security | |
| https://www.blackhat.com/docs/eu-15/materials/eu-15-Bettini-Vulnerability-Exploitation-In-Docker-Container-Environments-wp.pdf | |
| https://www.sumologic.com/blog-security/securing-docker-containers/ | |
| https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-10pdf/ | |
| [Shipyard] | |
| https://github.com/shipyard/shipyard | |
| [AWS - Vulnerable Webapps] | |
| https://www.blackhat.com/docs/us-14/materials/us-14-Riancho-Pivoting-In-Amazon-Clouds-WP.pdf | |
| https://andresriancho.github.io/nimbostratus/ | |
| [Review S3 buckets to determine security policy] | |
| https://gist.github.com/cktricky/faf0f40116e535a055b7412458136917 | |
| [Ken Johnson earlier talk on AWS security, dedicated to using these services (cloudwatch/config/cloudtrail)] | |
| https://www.youtube.com/watch?v=g-wy9NdATtA&feature=youtu.be | |
| [Tool to list the monitoring services configuration] | |
| CloudWatch / CloudTrail / Config | |
| https://gist.github.com/cktricky/f19e8d55ea5dcb1fdade6ede588c6576 | |
| [Review “Well Architected Framework” from AWS which discuss monitoring and other controls] | |
| http://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf | |
| [Tool to inspect each user’s permissions] | |
| https://gist.github.com/cktricky/257990df2f36aa3a01a8809777d49f5d | |
| [If you’re using something like Paperclip + Rails, try Fog to leverage Roles] | |
| https://github.com/thoughtbot/paperclip/issues/1591 | |
| [Backdooring AWS accounts] | |
| https://danielgrzelak.com/backdooring-an-aws-account-da007d36f8f9#.e341mt8zn | |
| https://danielgrzelak.com/exploring-an-aws-account-after-pwning-it-ff629c2aae39#.7198xyt30 | |
| https://danielgrzelak.com/disrupting-aws-logging-a42e437d6594#.nb8s0ser4 | |
| [Gone in 60 Milliseconds - Intrusion and Exfiltration in Server-less Architectures ] | |
| https://www.youtube.com/watch?v=YZ058hmLuv0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment