Log4Shell Practice Exploitation Range in the Cloud - Automated Deployment and Testing
Offered By: BSides SATX via YouTube
Course Description
Overview
Explore a comprehensive conference talk on creating a Log4Shell practice exploitation range in the cloud. Learn about the Log4Shell vulnerability and its impact on cybersecurity during the 2021 holiday season. Discover how to set up exploitation targets in a personal AWS environment quickly and efficiently. Follow the step-by-step process of designing and implementing a cloud-based practice range, including detailed explanations of the Log4Shell vulnerability suitable for various experience levels. Understand the necessary modifications for exploiting common software deployment configurations and learn about automated deployment techniques. Gain insights into using Terraform and Ansible to configure networks and hosts within Amazon Web Services (AWS). Witness a live demonstration of range deployment and exploitation, presented by Karl Sickendick, an experienced cyber capability developer and Air Force Officer with backgrounds in Electrical Engineering and Computer Science.
Syllabus
2022-06-18, 13:00–, Track 1 UC Conference Rm A
Taught by
BSides SATX
Related Courses
Log4j Vulnerability: What You Should KnowPluralsight Mitigating Log4Shell and Similar Vulnerabilities Using Cloud Services
ChariotSolutions via YouTube Log4Shell Vulnerability - Bugcrowd Security Flash
Bugcrowd via YouTube Log4Shell - The Worst Java Vulnerability in Years
Bugcrowd via YouTube Keep Your Dependencies in Check
Devoxx via YouTube