Tales of Red Teaming - Continuous Intrusion Continuous Deception

Dive into an eye-opening conference talk on advanced red teaming techniques for large-scale corporate networks. Explore the compromise of misconfigured deployment systems, learn about backdooring software packages for SYSTEM-level access, and discover methods to break out of Docker containers. Uncover misconfigurations in Kubernetes clusters that can lead to compromising sensitive assets in multi-tenant systems. Examine webhook trickery in Slack for phishing attacks, and conclude with an implementation of a real-time two-factor authentication bypass technique used in a red team exercise. Gain valuable insights into the world of continuous intrusion and continuous deception from security experts Aladdin Mubaied and Rahul Nair.

BSidesSF 2018 - Tales of Red Teaming (Aladdin Mubaied • Rahul Nair)