SlideShare a Scribd company logo

Build to Hack, Hack to Build

C
CloudVillage

Speaker: Chris Le Roy Containers,Cloud,DevOps and SDLC are all terms that are increasing in terms of usage in the InfoSec world. In this talk, we discuss how a container exploitation tool (BOtB) was developed to identify and autopwn common vulnerabilities in container technologies such as Docker and LXC and how this tool was used in a modern SDLC environment using common CI/CD technologies to identify, exploit and remediate container vulnerabilities before releases were made to production. In this talk we elaborate on how and why BOtB was built to be used by pentesters to exploit container vulnerabilities and how BOtB can be used by engineers to secure their container environments. The talk will also explain the technical details around the vulnerabilities that can be exploited by BOtB.

Engineering
1 of 46
Download to read offline
Build to Hack, Hack to BuildBuild to Hack, Hack to Build
WhoamiWhoami My name is Chris Le Roy Platform Security Engineer @Heroku You can find me on the cyberz with @brompwnie I like hacking stuff, I like building stuff Web, Windows, Android, Containers
AgendaAgenda The Problem Existing Research Introducing BOtB BOtB Capabilities and Integration Conclusion
What are the Problems?What are the Problems? In a modern cloud-devops-SDLC-Agile Environment How do we identify and exploit container vulnerabilities? How do we test, secure and monitor our containers?
Existing ResearchExisting Research AmIContained Linux SECCOMP and CAPS, LXC or Docker GoogleContainerTools container-structure-test is a great to tool to analyze images (static) Clair Vulnerability Static Analysis for Containers Aqua Security Docker-benchmark against CIS Docker Benchmark
How do I like to solveHow do I like to solve problems?problems?
Pwn all the ThingsPwn all the Things Break Out The Box (BOtB) https://github.com/brompwnie/botb Written in Go Ability to autopwn common Container vulnerabilities Ability to perform common Container recon functions (think Linux Post Exploitation) Options to implement abilities in a manner that is useful for pentesters and engineers
Pwn all the Things: Docker.sockPwn all the Things: Docker.sock Hacking containers 101 method Using Docker from within a container <- don’t do this This can allows us to break out of containers Local PrivEsc to ROOT
Pwn all the Things: Docker.sockPwn all the Things: Docker.sock Step 1: Identify docker.sock in container Step 2: Interact with docker.sock via cURL or Docker Client Create a new container and mount the host’s filesystem Step 4: docker run -ti newContainer chroot mount in Step 3 as root Step 5: L00t
Pwn all the Things: Docker.sockPwn all the Things: Docker.sock Looking for UNIX sockets in containers can be tricky Living off the land (LOTL) of a container has problems Useful commands to find domain sockets not available i.e find/ss/netstat etc
Pwn all the Things: Docker.sockPwn all the Things: Docker.sock docker.sock might not be mounted at: /var/run/docker.sock You have to find these sockets /moo/bob
Pwn all the Things: Docker.sockPwn all the Things: Docker.sock Syscalls might be available to perform the task you need
Pwn all the Things: Docker.sockPwn all the Things: Docker.sock Container Breakout with BOtB
Pwn all the Things: Docker.sockPwn all the Things: Docker.sock BOtB can be used to drop into an interactive TTY on the underlying host (Pentester) BOtB can be used to exploit the exposed docker.sock but not drop into an interactive TTY (Engineer) Return code > 0 No need to install additional packages to utilise the capabilities
Pwn all the Things: Docker.sockPwn all the Things: Docker.sock BOtB integrated with CI
But there's more to Pwn...But there's more to Pwn...
Pwn all the Things: PrivilegedPwn all the Things: Privileged Docker, --Privileged Dangerous SYSCALL's and CAPS --cap-add=SYS_ADMIN Easy container escapes
Pwn all the Things: --PrivilegedPwn all the Things: --Privileged
Pwn all the Things: ENVPwn all the Things: ENV Container implementations utilise Env Not container specific but very prevalent Good ‘ol ENV i.e PATH etc Proc filesystem is your friend too /proc/{pid}/Environ This location can have more than you bargained for Just because you cleared ENV, does not imply that /proc/{pid}/Environ has been cleared
Pwn all the Things: ENVPwn all the Things: ENV BOtB has the ability to access ENV and /proc/environ ENV variables can accessed via "os.Environ()" Environ returns a copy of strings representing the environment, in the form "key=value" Accessing /proc/{pid}/Environ can get tricky Ephemerality General Linux Proc FS mechanics
Pwn all the Things: ENVPwn all the Things: ENV
Pwn all the Things: ENVPwn all the Things: ENV
Pwn all the Things: ENVPwn all the Things: ENV BOtB integrated with CI
Pwn all the Things: MetaPwn all the Things: Meta Clouds are a favourite spot for Containers Because of this, metadata services are available Common endpoint for AWS, GCP, Azure etc http://169.254.169.254 This endpoint can be used for many things Perform certain actions on the platform curl http://169.254.169.254/latest/meta- data/iam/security-credentials/s3access Platform Specific
Pwn all the Things: MetaPwn all the Things: Meta Metadata services are one type of API There may be many other API’s exposed Control Plane API’s i.e K8 These endpoints may be lurking in your Cloud Potentially accessible from a container EC2 Classic, "instances run in a single, flat network that you share with other customers" Back to Container quirks You don’t always have nmap,cURL, ifconfig, ip etc
Pwn all the Things: MetaPwn all the Things: Meta BOtB searching for metadata
Recon is fun but...Recon is fun but...
Pwn all the Thinings: BinaryPwn all the Thinings: Binary HijackingHijacking Container binaries are often utilised to perform actions by entities outside of the container docker exec Trusts command explicitly
Pwn all the Thinings: BinaryPwn all the Thinings: Binary HijackingHijacking Kubectl cp Calls the container’s TAR binary Victim of a recent attack https://www.twistlock.com/labs- blog/disclosing-directory-traversal- vulnerability-kubernetes-copy-cve-2019- 1002101/
At some point in yourAt some point in your Container’s execution, a binaryContainer’s execution, a binary might be executedmight be executed
Hijack all the binaries!Hijack all the binaries!
Pwn all the Thinings: BinaryPwn all the Thinings: Binary HijackingHijacking Warning! Here be dragons This could break stuff, you are modifying the container and its contents
Pwn all the Thinings: BinaryPwn all the Thinings: Binary HijackingHijacking Step 1: Determine if you have +rw perms to /bin, /sbin, /usr/bin Step 2: Create a malicious executable that does something Webhook, fuzz, etc Step 3: Replace everything in /bin, /sbin,/usr/bin with your malicious “binary” and chmod +x L00t
Pwn all the Thinings: BinaryPwn all the Thinings: Binary HijackingHijacking Prepping a malicious executable Capturing the command that was called (hijacked) "$0" Capturing the first 3 params "$1,$2,$3"
Pwn all the Thinings: BinaryPwn all the Thinings: Binary HijackingHijacking Hijacking binaries, bash into submission
Pwn all the Thinings: BinaryPwn all the Thinings: Binary HijackingHijacking Receiving callbacks is interesting Could happen 1min, 5min, 1hr, next week Tokens in cURL commands Prevent logic from occuring Unexpected output General Borkage
Pwn all the Thinings: BinaryPwn all the Thinings: Binary HijackingHijacking
But wait, there's more!But wait, there's more!
Pwn all the Things: CVE:-???Pwn all the Things: CVE:-??? There’s a few issues that we can have phun with CVE-2014-6271 (Shellshock/Bashbug) Docker Shocker DirtyCow CVE-2017-5123 (waitid privesc) CVE-2019-5736 (RunC)
Pwn all the ThingsPwn all the Things CVE-2019-5736 Similar to hijacking binaries You are hijacking the runC binary on the host Issue in how runC spawns a new process in a Container
Pwn all the ThingsPwn all the Things CVE-2019-5736 Last resort exploit If successful, this will break the underlying Container runtime You need root(Docker) and privileged Container(LXC) runC binary is owned by root
Pwn all the ThingsPwn all the Things CVE-2019-5736 We can make use of our binary hijacking strategy We replace runC with a web hook function to our endpoint It will break Docker but at least will know if it is vulnerable or get a shell
Pwn all the ThingsPwn all the Things Breaking out with CVE-2019-5736
ConclusionConclusion BOtB can be used by both pentesters and engineers Use it to get shells or verify exploitability Use it to test within your SDLC Environment and get feedback Feedback is either immediate or not We are identifying and exploiting both immediate and delayed vulnerabilities
ConclusionConclusion https://github.com/brompwnie/botb
ReferencesReferences https://docs.docker.com/engine/security/https/ https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#cp https://docs.docker.com/engine/reference/commandline/exec/ https://github.com/GoogleContainerTools/container-structure-test https://github.com/coreos/clair https://github.com/aquasecurity/docker-bench https://www.cisecurity.org/benchmark/docker/ https://github.com/Frichetten/CVE-2019-5736-PoC https://www.twistlock.com/labs-blog/breaking-docker-via-runc-explaining-cve-2019-5736/ https://www.twistlock.com/labs-blog/disclosing-directory-traversal-vulnerability-kubernetes- copy-cve-2019-1002101/ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-classic-platform.html https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/ https://github.com/singe/container-breakouts

Recommended

Your Blacklist is Dead: Why the Future of Command and Control is the Cloud
Your Blacklist is Dead: Why the Future of Command and Control is the CloudYour Blacklist is Dead: Why the Future of Command and Control is the Cloud
Your Blacklist is Dead: Why the Future of Command and Control is the CloudCloudVillage
 
Keynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityKeynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityCloudVillage
 
MozDef Workshop slide
MozDef Workshop slideMozDef Workshop slide
MozDef Workshop slideCloudVillage
 
EKS security best practices
EKS security best practicesEKS security best practices
EKS security best practicesJohn Varghese
 
Mining Malevolence: Cryptominers in the Cloud
Mining Malevolence: Cryptominers in the CloudMining Malevolence: Cryptominers in the Cloud
Mining Malevolence: Cryptominers in the CloudCloudVillage
 
BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes Back
BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes BackBSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes Back
BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes BackLacework
 
Policy as code what helm developers need to know about security
Policy as code what helm developers need to know about securityPolicy as code what helm developers need to know about security
Policy as code what helm developers need to know about securityLibbySchulze
 
Watch How The Giants Fall: Learning from Bug Bounty Results
Watch How The Giants Fall: Learning from Bug Bounty ResultsWatch How The Giants Fall: Learning from Bug Bounty Results
Watch How The Giants Fall: Learning from Bug Bounty Resultsjtmelton
 

Recommended

Your Blacklist is Dead: Why the Future of Command and Control is the Cloud
Your Blacklist is Dead: Why the Future of Command and Control is the CloudYour Blacklist is Dead: Why the Future of Command and Control is the Cloud
Your Blacklist is Dead: Why the Future of Command and Control is the CloudCloudVillage
 
Keynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityKeynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityCloudVillage
 
MozDef Workshop slide
MozDef Workshop slideMozDef Workshop slide
MozDef Workshop slideCloudVillage
 
EKS security best practices
EKS security best practicesEKS security best practices
EKS security best practicesJohn Varghese
 
Mining Malevolence: Cryptominers in the Cloud
Mining Malevolence: Cryptominers in the CloudMining Malevolence: Cryptominers in the Cloud
Mining Malevolence: Cryptominers in the CloudCloudVillage
 
BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes Back
BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes BackBSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes Back
BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes BackLacework
 
Policy as code what helm developers need to know about security
Policy as code what helm developers need to know about securityPolicy as code what helm developers need to know about security
Policy as code what helm developers need to know about securityLibbySchulze
 
Watch How The Giants Fall: Learning from Bug Bounty Results
Watch How The Giants Fall: Learning from Bug Bounty ResultsWatch How The Giants Fall: Learning from Bug Bounty Results
Watch How The Giants Fall: Learning from Bug Bounty Resultsjtmelton
 
10 tips for Cloud Native Security
10 tips for Cloud Native Security10 tips for Cloud Native Security
10 tips for Cloud Native SecurityKarthik Gaekwad
 
What is Google Cloud Good For at DevFestInspire 2021
What is Google Cloud Good For at DevFestInspire 2021What is Google Cloud Good For at DevFestInspire 2021
What is Google Cloud Good For at DevFestInspire 2021Robert John
 
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Lacework
 
Practical Chaos Engineering
Practical Chaos EngineeringPractical Chaos Engineering
Practical Chaos EngineeringSIGHUP
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016Chris Gates
 
Netflix Open Source Meetup Season 4 Episode 3
Netflix Open Source Meetup Season 4 Episode 3Netflix Open Source Meetup Season 4 Episode 3
Netflix Open Source Meetup Season 4 Episode 3aspyker
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesLacework
 
Rugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOpsRugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOpsJames Wickett
 
Kube Apps in action
Kube Apps in actionKube Apps in action
Kube Apps in actionKarthik Gaekwad
 
Containerizing your Security Operations Center
Containerizing your Security Operations CenterContainerizing your Security Operations Center
Containerizing your Security Operations CenterJimmy Mesta
 
The State of Kubernetes Security
The State of Kubernetes Security The State of Kubernetes Security
The State of Kubernetes Security Jimmy Mesta
 
Digital Forensics and Incident Response in The Cloud
Digital Forensics and Incident Response in The CloudDigital Forensics and Incident Response in The Cloud
Digital Forensics and Incident Response in The CloudVelocidex Enterprises
 
Lessons learned from writing over 300,000 lines of infrastructure code
Lessons learned from writing over 300,000 lines of infrastructure codeLessons learned from writing over 300,000 lines of infrastructure code
Lessons learned from writing over 300,000 lines of infrastructure codeYevgeniy Brikman
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security AutomationJason Chan
 
Kubernetes security and you
Kubernetes security and youKubernetes security and you
Kubernetes security and youKarthik Gaekwad
 
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Amazon Web Services
 
Grabbing Forensic Images from EC2/Rackspace
Grabbing Forensic Images from EC2/RackspaceGrabbing Forensic Images from EC2/Rackspace
Grabbing Forensic Images from EC2/RackspaceJP Bourget
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedJason Chan
 
AWS Security Strategy
AWS Security StrategyAWS Security Strategy
AWS Security StrategyTeri Radichel
 
Serverless Security: What's Left to Protect?
Serverless Security: What's Left to Protect?Serverless Security: What's Left to Protect?
Serverless Security: What's Left to Protect?Guy Podjarny
 
Building Containers: How Many Ways Are Too Many?
Building Containers: How Many Ways Are Too Many?Building Containers: How Many Ways Are Too Many?
Building Containers: How Many Ways Are Too Many?Vietnam Open Infrastructure User Group
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker IntroductionHao Fan
 

More Related Content

What's hot

10 tips for Cloud Native Security
10 tips for Cloud Native Security10 tips for Cloud Native Security
10 tips for Cloud Native SecurityKarthik Gaekwad
 
What is Google Cloud Good For at DevFestInspire 2021
What is Google Cloud Good For at DevFestInspire 2021What is Google Cloud Good For at DevFestInspire 2021
What is Google Cloud Good For at DevFestInspire 2021Robert John
 
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Lacework
 
Practical Chaos Engineering
Practical Chaos EngineeringPractical Chaos Engineering
Practical Chaos EngineeringSIGHUP
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016Chris Gates
 
Netflix Open Source Meetup Season 4 Episode 3
Netflix Open Source Meetup Season 4 Episode 3Netflix Open Source Meetup Season 4 Episode 3
Netflix Open Source Meetup Season 4 Episode 3aspyker
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesLacework
 
Rugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOpsRugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOpsJames Wickett
 
Containerizing your Security Operations Center
Containerizing your Security Operations CenterContainerizing your Security Operations Center
Containerizing your Security Operations CenterJimmy Mesta
 
The State of Kubernetes Security
The State of Kubernetes Security The State of Kubernetes Security
The State of Kubernetes Security Jimmy Mesta
 
Digital Forensics and Incident Response in The Cloud
Digital Forensics and Incident Response in The CloudDigital Forensics and Incident Response in The Cloud
Digital Forensics and Incident Response in The CloudVelocidex Enterprises
 
Lessons learned from writing over 300,000 lines of infrastructure code
Lessons learned from writing over 300,000 lines of infrastructure codeLessons learned from writing over 300,000 lines of infrastructure code
Lessons learned from writing over 300,000 lines of infrastructure codeYevgeniy Brikman
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security AutomationJason Chan
 
Kubernetes security and you
Kubernetes security and youKubernetes security and you
Kubernetes security and youKarthik Gaekwad
 
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Amazon Web Services
 
Grabbing Forensic Images from EC2/Rackspace
Grabbing Forensic Images from EC2/RackspaceGrabbing Forensic Images from EC2/Rackspace
Grabbing Forensic Images from EC2/RackspaceJP Bourget
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedJason Chan
 
AWS Security Strategy
AWS Security StrategyAWS Security Strategy
AWS Security StrategyTeri Radichel
 
Serverless Security: What's Left to Protect?
Serverless Security: What's Left to Protect?Serverless Security: What's Left to Protect?
Serverless Security: What's Left to Protect?Guy Podjarny
 

What's hot (20)

10 tips for Cloud Native Security
10 tips for Cloud Native Security10 tips for Cloud Native Security
10 tips for Cloud Native Security
 
What is Google Cloud Good For at DevFestInspire 2021
What is Google Cloud Good For at DevFestInspire 2021What is Google Cloud Good For at DevFestInspire 2021
What is Google Cloud Good For at DevFestInspire 2021
 
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019
 
Practical Chaos Engineering
Practical Chaos EngineeringPractical Chaos Engineering
Practical Chaos Engineering
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
 
Netflix Open Source Meetup Season 4 Episode 3
Netflix Open Source Meetup Season 4 Episode 3Netflix Open Source Meetup Season 4 Episode 3
Netflix Open Source Meetup Season 4 Episode 3
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing Kubernetes
 
Rugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOpsRugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOps
 
Kube Apps in action
Kube Apps in actionKube Apps in action
Kube Apps in action
 
Containerizing your Security Operations Center
Containerizing your Security Operations CenterContainerizing your Security Operations Center
Containerizing your Security Operations Center
 
The State of Kubernetes Security
The State of Kubernetes Security The State of Kubernetes Security
The State of Kubernetes Security
 
Digital Forensics and Incident Response in The Cloud
Digital Forensics and Incident Response in The CloudDigital Forensics and Incident Response in The Cloud
Digital Forensics and Incident Response in The Cloud
 
Lessons learned from writing over 300,000 lines of infrastructure code
Lessons learned from writing over 300,000 lines of infrastructure codeLessons learned from writing over 300,000 lines of infrastructure code
Lessons learned from writing over 300,000 lines of infrastructure code
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security Automation
 
Kubernetes security and you
Kubernetes security and youKubernetes security and you
Kubernetes security and you
 
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
 
Grabbing Forensic Images from EC2/Rackspace
Grabbing Forensic Images from EC2/RackspaceGrabbing Forensic Images from EC2/Rackspace
Grabbing Forensic Images from EC2/Rackspace
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons Learned
 
AWS Security Strategy
AWS Security StrategyAWS Security Strategy
AWS Security Strategy
 
Serverless Security: What's Left to Protect?
Serverless Security: What's Left to Protect?Serverless Security: What's Left to Protect?
Serverless Security: What's Left to Protect?
 

Similar to Build to Hack, Hack to Build

Docker Introduction
Docker IntroductionDocker Introduction
Docker IntroductionHao Fan
 
Docker: do's and don'ts
Docker: do's and don'tsDocker: do's and don'ts
Docker: do's and don'tsPaolo Tonin
 
Common primitives in Docker environments
Common primitives in Docker environmentsCommon primitives in Docker environments
Common primitives in Docker environmentsalexandru giurgiu
 
Javascript Apps at Build Artifacts
Javascript Apps at Build ArtifactsJavascript Apps at Build Artifacts
Javascript Apps at Build ArtifactsClay Smith
 
The Ultimate Deobfuscator - ToorCON San Diego 2008
The Ultimate Deobfuscator - ToorCON San Diego 2008The Ultimate Deobfuscator - ToorCON San Diego 2008
The Ultimate Deobfuscator - ToorCON San Diego 2008Stephan Chenette
 
Patterns & Antipatterns in Docker Image Lifecycle
Patterns & Antipatterns in Docker Image LifecyclePatterns & Antipatterns in Docker Image Lifecycle
Patterns & Antipatterns in Docker Image Lifecycleyoavl
 
Getting started with docker
Getting started with dockerGetting started with docker
Getting started with dockerSaim Safder
 
Medium Trust for Umbraco
Medium Trust for UmbracoMedium Trust for Umbraco
Medium Trust for UmbracoWarren Buckley
 
Containers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech TalkContainers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech TalkRed Hat Developers
 
PittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earth
PittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earthPittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earth
PittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earthGrace Jansen
 
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)DynamicInfraDays
 
3. backup file artifacts - mazin ahmed
3. backup file artifacts - mazin ahmed3. backup file artifacts - mazin ahmed
3. backup file artifacts - mazin ahmedRashid Khatmey
 
Kubernetes buildpacks - from a source code to the running OCI container with ...
Kubernetes buildpacks - from a source code to the running OCI container with ...Kubernetes buildpacks - from a source code to the running OCI container with ...
Kubernetes buildpacks - from a source code to the running OCI container with ...PROIDEA
 
Sandbox detection: leak, abuse, test - Hacktivity 2015
Sandbox detection: leak, abuse, test - Hacktivity 2015Sandbox detection: leak, abuse, test - Hacktivity 2015
Sandbox detection: leak, abuse, test - Hacktivity 2015Zoltan Balazs
 
Docker - Der Wal in der Kiste
Docker - Der Wal in der KisteDocker - Der Wal in der Kiste
Docker - Der Wal in der KisteUlrich Krause
 
10 Reasons Your Software Sucks 2014 - Tax Day Edition!
10 Reasons Your Software Sucks 2014 - Tax Day Edition!10 Reasons Your Software Sucks 2014 - Tax Day Edition!
10 Reasons Your Software Sucks 2014 - Tax Day Edition!Caleb Jenkins
 
Docker experience @inbotapp
Docker experience @inbotappDocker experience @inbotapp
Docker experience @inbotappJilles van Gurp
 

Similar to Build to Hack, Hack to Build (20)

Building Containers: How Many Ways Are Too Many?
Building Containers: How Many Ways Are Too Many?Building Containers: How Many Ways Are Too Many?
Building Containers: How Many Ways Are Too Many?
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
 
Docker: do's and don'ts
Docker: do's and don'tsDocker: do's and don'ts
Docker: do's and don'ts
 
Boycott Docker
Boycott DockerBoycott Docker
Boycott Docker
 
Common primitives in Docker environments
Common primitives in Docker environmentsCommon primitives in Docker environments
Common primitives in Docker environments
 
Javascript Apps at Build Artifacts
Javascript Apps at Build ArtifactsJavascript Apps at Build Artifacts
Javascript Apps at Build Artifacts
 
The Ultimate Deobfuscator - ToorCON San Diego 2008
The Ultimate Deobfuscator - ToorCON San Diego 2008The Ultimate Deobfuscator - ToorCON San Diego 2008
The Ultimate Deobfuscator - ToorCON San Diego 2008
 
Sonatype DevSecOps Leadership forum 2020
Sonatype DevSecOps Leadership forum 2020Sonatype DevSecOps Leadership forum 2020
Sonatype DevSecOps Leadership forum 2020
 
Patterns & Antipatterns in Docker Image Lifecycle
Patterns & Antipatterns in Docker Image LifecyclePatterns & Antipatterns in Docker Image Lifecycle
Patterns & Antipatterns in Docker Image Lifecycle
 
Getting started with docker
Getting started with dockerGetting started with docker
Getting started with docker
 
Medium Trust for Umbraco
Medium Trust for UmbracoMedium Trust for Umbraco
Medium Trust for Umbraco
 
Containers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech TalkContainers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech Talk
 
PittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earth
PittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earthPittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earth
PittsburgJUG_Cloud-Native Dev Tools: Bringing the cloud back to earth
 
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
ContainerDays Boston 2015: "Continuous Delivery with Containers" (Nick Gauthier)
 
3. backup file artifacts - mazin ahmed
3. backup file artifacts - mazin ahmed3. backup file artifacts - mazin ahmed
3. backup file artifacts - mazin ahmed
 
Kubernetes buildpacks - from a source code to the running OCI container with ...
Kubernetes buildpacks - from a source code to the running OCI container with ...Kubernetes buildpacks - from a source code to the running OCI container with ...
Kubernetes buildpacks - from a source code to the running OCI container with ...
 
Sandbox detection: leak, abuse, test - Hacktivity 2015
Sandbox detection: leak, abuse, test - Hacktivity 2015Sandbox detection: leak, abuse, test - Hacktivity 2015
Sandbox detection: leak, abuse, test - Hacktivity 2015
 
Docker - Der Wal in der Kiste
Docker - Der Wal in der KisteDocker - Der Wal in der Kiste
Docker - Der Wal in der Kiste
 
10 Reasons Your Software Sucks 2014 - Tax Day Edition!
10 Reasons Your Software Sucks 2014 - Tax Day Edition!10 Reasons Your Software Sucks 2014 - Tax Day Edition!
10 Reasons Your Software Sucks 2014 - Tax Day Edition!
 
Docker experience @inbotapp
Docker experience @inbotappDocker experience @inbotapp
Docker experience @inbotapp
 

More from CloudVillage

Phishing in the cloud era
Phishing in the cloud eraPhishing in the cloud era
Phishing in the cloud eraCloudVillage
 
Using Splunk or ELK for Auditing AWS/GCP/Azure Security posture
Using Splunk or ELK for Auditing AWS/GCP/Azure Security postureUsing Splunk or ELK for Auditing AWS/GCP/Azure Security posture
Using Splunk or ELK for Auditing AWS/GCP/Azure Security postureCloudVillage
 
ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...
ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...
ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...CloudVillage
 
Battle in the Clouds - Attacker vs Defender on AWS
Battle in the Clouds - Attacker vs Defender on AWSBattle in the Clouds - Attacker vs Defender on AWS
Battle in the Clouds - Attacker vs Defender on AWSCloudVillage
 
Scaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open SourceScaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open SourceCloudVillage
 
Pragmatic Cloud Security Automation
Pragmatic Cloud Security AutomationPragmatic Cloud Security Automation
Pragmatic Cloud Security AutomationCloudVillage
 
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridExploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridCloudVillage
 

More from CloudVillage (7)

Phishing in the cloud era
Phishing in the cloud eraPhishing in the cloud era
Phishing in the cloud era
 
Using Splunk or ELK for Auditing AWS/GCP/Azure Security posture
Using Splunk or ELK for Auditing AWS/GCP/Azure Security postureUsing Splunk or ELK for Auditing AWS/GCP/Azure Security posture
Using Splunk or ELK for Auditing AWS/GCP/Azure Security posture
 
ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...
ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...
ATT&CKing the Sentinel – deploying a threat hunting capability on Azure Senti...
 
Battle in the Clouds - Attacker vs Defender on AWS
Battle in the Clouds - Attacker vs Defender on AWSBattle in the Clouds - Attacker vs Defender on AWS
Battle in the Clouds - Attacker vs Defender on AWS
 
Scaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open SourceScaling Security in the Cloud With Open Source
Scaling Security in the Cloud With Open Source
 
Pragmatic Cloud Security Automation
Pragmatic Cloud Security AutomationPragmatic Cloud Security Automation
Pragmatic Cloud Security Automation
 
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridExploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
 

Recently uploaded

VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝soniya singh
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSHARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSRajkumarAkumalla
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
 

Recently uploaded (20)

VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICSHARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
HARDNESS, FRACTURE TOUGHNESS AND STRENGTH OF CERAMICS
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 

Build to Hack, Hack to Build