Operating reconnaissance on a target community is close to always time-consuming and cumbersome

Anthony Bislew Red Teamer, Intuit

For skilled hackers, the process of manually enumerating and checking target networking sites concerns feel like a gratuitous quest through Mordor on our strategy to the glory of shells, pivoting, and pilfering. A whole lot worse, a lot of robotic reconnaissance solutions online are expensive, brief within their advantages, opaque inside their features. or all of the over.

Imagine if you might automate your own personal customized method to reconnaissance and exploitation by leveraging a completely complimentary and open-source platform to 1. Integrate the equipment you believe and 2. create resources of your very own to recapture those tips which happen to be unique towards the unique snowflake definitely your?

Anshuman Bhartiya

Inside workshop, we are going to introduce you to the efficacy of Docker and Kubernetes to supercharge their hacking methods. We’re going to walk you through the whole process of developing your own tools as Docker photos, management and introducing those equipment in a Kubernetes group, and saving your outcomes in a fashion that’s easy to analyze and do something about. We will spawn and ruin some fight situations and program exactly how easy its to accomplish your own evaluation without worrying out on how to start off. We’re going to even use some of the recon leads to automate running exploitation gear against them and obtaining for the keys on the empire! By the end of this workshop you need to have every gear you’ll want to establish and increase your recon and exploitation framework, that’s supercharged and hyper scalable, as a result of Kubernetes.

Prerequisites: Attendees needs to be: Comfortable making use of a MacOS/Linux shell terminal comfy enough with a standard scripting words (ideally Python/Ruby) to create easy tools/scripts knowledgeable about command-line hardware common to security gurus (example. curl, Nmap, etc.) acquainted with Docker (for example. its factor, the principles of pots and photographs, etc.)

Content: A?AˆA? laptop computer with a Linux-based OS (ideally Mac/Ubuntu) A?AˆA? a Google Cloud Platform (GCP) account – you should use the GCP Free level to have one. They provide $300 worthy of of no-cost credit in fact it is more than enough. A?AˆA? A?AˆA? A Slack profile designed with an incoming webhook – A?AˆA? An IDE including Atom or aesthetic Studio rule. A?AˆA? we’ll walk through installation of other tools/software essential like Docker, Minikube, Google SDK, Golang, Python, etcetera. so that you donA?AˆA™t need to have these pre-installed nonetheless it would help should you.

Anshuman Bhartiya Anshuman Bhartiya has been around the IT field for approximately ten years now and has now had the possible opportunity to don numerous caps. Anshuman has become a web designer, cloud consultant, systems professional and protection professional among others. Anshuman keeps a varied skillset and he loves to tinker making use of the most recent technology discovering innovative possibilities for harder and difficult troubles. Security, Automation and invention are some activities he or she is actually excited about and then he securely thinks waplog eÅŸleÅŸme in revealing understanding and the Open supply area. You will find the Anshuman’s work on their Github here –

Anthony Bislew Anthony Bislew try a red teamer for Intuit safety group, with 17 past many years of knowledge of the IT market. He had been the co-founder of two Infrastructure as a Service (IaaS) startups and architected multiple facts locations from the crushed up. He’s a co-founder of SD Hackers, a San Diego-based number of security professionals that come along to learn from and collaborate together. He could be furthermore the inventor in the community entrance examination laboratory Infoseclabs, which was not too long ago changed into a personal security investigation laboratory for neighborhood San Diego entrance testers and professionals. ‘” 3_Saturday,,,BHV,”Pisa Room”,”‘Biotechnology Needs a Security area. Severely'”,”‘Ed Your'”,”‘Title: Biotechnology Needs a Security Patch. Badly