Tales of Red Teaming, aka "Continuous Intrusion Continuous Deception"

No ratings

Presented at BSidesSanFrancisco 2018 by

Aladdin Nair

This talk explores various avenues of techniques used to attack a large scale corporate networks. It begins by discussing about the compromise of misconfigured deployment systems to obtain access to production servers. We will also show how it is possible to backdoor software packages with minimal to no effort and gain SYSTEM level access to many of production boxes. Then we will move on to show methods to break out of containers such as docker & we talk about misconfigurations in Kubernetes clusters that can be useful in compromising sensitive assets in multi-tenant systems. This talk also explores webhook trickery in slack for phishing and we end this talk by exploring the implementation of a technique for real-time 2FA bypass that we used in a red team exercise.