Build to Hack, Hack to Build
Offered By: Security BSides London via YouTube
Course Description
Overview
Explore container exploitation and security in this 25-minute conference talk from Security BSides London. Learn about the development of BOtB, a container exploitation tool designed to identify and autopwn common vulnerabilities in Docker and LXC. Discover how BOtB can be integrated into modern SDLC environments using CI/CD technologies to detect, exploit, and remediate container vulnerabilities before production releases. Gain insights into the technical details of container vulnerabilities exploitable by BOtB, and understand how both pentesters and engineers can leverage this tool to enhance container security. Delve into topics such as BreakAfterBox, Dakka, Hydroponic Sock, CI environments, environment variables, OS environments, metadata services, and binary hijacking.
Syllabus
Introduction
Problems
Tools
BreakAfterBox
Dakka
Hydroponic Sock
Issues
Show Controls
Return Codes
CI Environment
Environment variables
OS environment
Analyze
Test
Environment
Metadata Services
Binary Hijacking
Taught by
Security BSides London
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network