Forked from carnal0wnage/DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Created March 27, 2017 09:32
Links from Chris Gates/Ken Johnson DevOOPS RSA 17 presentation
RSA 2017 DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links SessionID: HTA-W02
https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains

Past talks:
http://www.slideshare.net/KenJohnson61/aws-surival-guide
[Ken Johnson earlier talk on AWS security, dedicated to using these services (cloudwatch/config/cloudtrail)]
https://www.youtube.com/watch?v=g-wy9NdATtA&feature=youtu.be
Chris Gates & Ken Johnson - DevOops: Redux - AppSecUSA 2016
https://www.youtube.com/watch?v=VMyp74ct2H0

[nVisium Blog]
https://nvisium.com/blog/

[Chris Gates Blog]
http://carnal0wnage.attackresearch.com

[In the news examples]
https://www.quora.com/My-AWS-account-was-hacked-and-I-have-a-50-000-bill-how-can-I-reduce-the-amount-I-need-to-pay
https://medium.com/how-i-learned-ruby-rails/how-to-get-robbed-by-insecure-practices-8a1118fe3d7f#.9o81eqare
http://www.theregister.co.uk/2015/01/06/dev_blunder_shows_github_crawling_with_keyslurping_bots/
http://searchaws.techtarget.com/news/2240223024/Code-Spaces-goes-dark-after-AWS-cloud-security-hack
https://www.databreaches.net/dozens-of-clinics-thousands-of-patients-impacted-by-third-party-data-leak/
https://mackeeper.com/blog/post/275-30-breaches-in-one
http://www.techrepublic.com/article/massive-ransomware-attack-takes-out-27000-mongodb-servers/
http://www.pcworld.com/article/3157417/security/after-mongodb-ransomware-groups-hit-exposed-elasticsearch-clusters.html

[Slack Logs]
https://api.slack.com/methods/team.accessLogs
https://github.com/maus-/slack-auditor

[GitRob]
https://github.com/michenriksen/gitrob

[TruffleHog]
https://github.com/dxa4481/truffleHog

[GitMonitor]
https://gitmonitor.com/

[Open Source Tools for monitoring pastebin*]
https://github.com/jordan-wright/dumpmon
https://github.com/xme/pastemon
https://github.com/cvandeplas/pystemon

[osquery]
https://osquery.io/

[Doorman]
https://github.com/mwielgoszewski/doorman

[BlockBlock]
https://objective-see.com/products/blockblock.html

[Little Snitch]
https://www.obdev.at/products/littlesnitch/index.html

[CarbonBlack]
https://www.carbonblack.com/

[StreamAlert]
https://github.com/airbnb/streamalert

Patch Management

[Simian]
https://github.com/google/simian

[Munki]
https://www.munki.org/munki/

[Jenkins]
https://wiki.jenkins-ci.org/display/SECURITY/Home
https://www.pentestgeek.com/2014/06/13/hacking-jenkins-servers-with-no-password/
http://www.labofapenetrationtester.com/2014/06/hacking-jenkins-servers.html
http://zeroknock.blogspot.com/search/label/Hacking%20Jenkins
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkins_script_console.rb

[ElasticSearch]
http://carnal0wnage.attackresearch.com/2017/01/devooops-elasticsearch.html

In-Memory Databases

[Redis]
https://redis.io/topics/security
http://antirez.com/news/96
http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/
https://gist.github.com/lokielse/d4e62ae1bb2d5da50ec04aadccc6edf1

[Memcache]
http://www.slideshare.net/wallarm/us-14novikovthenewpageofinjectionsbookmemcachedinjectionswp
http://infiltrate.tumblr.com/post/38565427/hacking-memcache
http://www.darkcoding.net/software/memcached-list-all-keys/
https://5mins.wordpress.com/2011/04/25/plaidctf-django-challenge-writeup-web-300/
http://www.slideshare.net/sensepost/cache-on-delivery
http://blog.couchbase.com/memcached-go-derper-black-hat-and-amazon-web-services-aws-security-bulletin
https://lincolnloop.com/blog/playing-pickle-security/
https://www.sensepost.com/blog/2010/playing-with-python-pickle-%231/
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/memcached_extractor.rb

Big Data

[Hadoop]
http://archive.hack.lu/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf
https://hadoopecosystemtable.github.io/

[Vagrant]
http://carnal0wnage.attackresearch.com/2017/01/devooops-client-provisioning-vagrant.html

[Docker]
https://zeltser.com/security-risks-and-benefits-of-docker-application/
https://blog.docker.com/2014/06/docker-container-breakout-proof-of-concept-exploit/
http://www.slideshare.net/jpetazzo/linux-containers-lxc-docker-and-security
https://www.blackhat.com/docs/eu-15/materials/eu-15-Bettini-Vulnerability-Exploitation-In-Docker-Container-Environments-wp.pdf
https://www.sumologic.com/blog-security/securing-docker-containers/
https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/2016/april/ncc_group_understanding_hardening_linux_containers-10pdf/

[Shipyard]
https://github.com/shipyard/shipyard

[AWS - Vulnerable Webapps]
https://www.blackhat.com/docs/us-14/materials/us-14-Riancho-Pivoting-In-Amazon-Clouds-WP.pdf
https://andresriancho.github.io/nimbostratus/

[Review S3 buckets to determine security policy]
https://gist.github.com/cktricky/faf0f40116e535a055b7412458136917

[Ken Johnson earlier talk on AWS security, dedicated to using these services (cloudwatch/config/cloudtrail)]
https://www.youtube.com/watch?v=g-wy9NdATtA&feature=youtu.be

[Tool to list the monitoring services configuration]
CloudWatch / CloudTrail / Config
https://gist.github.com/cktricky/f19e8d55ea5dcb1fdade6ede588c6576

[Review the "Well-Architected Framework" from AWS, which discusses monitoring and other controls]
http://d0.awsstatic.com/whitepapers/architecture/AWS_Well-Architected_Framework.pdf

[Tool to inspect each user's permissions]
https://gist.github.com/cktricky/257990df2f36aa3a01a8809777d49f5d

[If you're using something like Paperclip + Rails, try Fog to leverage Roles]
https://github.com/thoughtbot/paperclip/issues/1591

[Backdooring AWS accounts]
https://danielgrzelak.com/backdooring-an-aws-account-da007d36f8f9#.e341mt8zn
https://danielgrzelak.com/exploring-an-aws-account-after-pwning-it-ff629c2aae39#.7198xyt30
https://danielgrzelak.com/disrupting-aws-logging-a42e437d6594#.nb8s0ser4

[Gone in 60 Milliseconds - Intrusion and Exfiltration in Server-less Architectures]
https://www.youtube.com/watch?v=YZ058hmLuv0