YoVDO

Continuous Intrusion - Why CI Tools Are An Attacker's Best Friends

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Ethical Hacking Courses Privilege Escalation Courses Credential Theft Courses

Course Description

Overview

Explore the vulnerabilities of Continuous Integration (CI) tools from an attacker's perspective in this eye-opening Black Hat conference talk. Discover how these tools can serve as portals for gaining footholds and facilitating lateral movement within enterprise systems. Learn about various attack techniques, including command and script execution, credential theft, and privilege escalation, that can compromise not only the build process but also the underlying operating system and entire Windows domains. Through live demonstrations, examine how both open-source and proprietary CI tools can be exploited using their inherent features, without relying on memory corruption bugs. Gain valuable insights into the security risks associated with CI tools and understand why they are considered an attacker's best friend due to their poor security controls, distributed build management capabilities, and high-level access privileges in enterprise environments.

Syllabus

Continuous Intrusion: Why CI Tools Are An Attacker's Best Friends


Taught by

Black Hat

Related Courses

Ethical Hacking
Indian Institute of Technology, Kharagpur via Swayam
Investigación en Informática Forense y Ciberderecho
University of Extremadura via Miríadax
MSc Cyber Security
Coventry University via FutureLearn
Network Security - Introduction to Network Security
New York University (NYU) via edX
Network Security - Advanced Topics
New York University (NYU) via edX