pentesting chatopsconference.hitb.org/hitbsecconf2016ams/materials/d1... · 2017-10-15 ·...

13

Dr. Melanie Rieback May 26, 2016 [email protected] Pentesting ChatOps

Upload: others

Post on 24-May-2020

1 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

Dr. Melanie Rieback

May 26, 2016 [email protected]

Pentesting ChatOps

Page 2: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

When hackers grow up...

Page 3: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

What is ChatOps?

Page 4: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

Pentesting ChatOps

Page 5: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

XML Pentest Report Automation

Page 6: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

XML Pentest Report Automation(2)

Page 7: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

XML Pentest Report Automation(3)

Page 8: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

Pentesting ChatOps(2)

Page 9: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

Pentesting ChatOps(3)

Page 10: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

Passive Vulnerability Scanning

Page 11: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

Red/Blue Pentesting

Page 12: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016

What Else Can We Integrate?

● Scanning + Exploitation:– Nmap, w3af, sqlmap, hydra, etc..

● Reconnaisance:– Whois, Google, PassiveScan, etc..

● Cryptography– Hash cracking, etc..

● Other:– Email/SMS integration, spearphishing

Page 13: Pentesting ChatOpsconference.hitb.org/hitbsecconf2016ams/materials/D1... · 2017-10-15 · Pentesting ChatOps(3) May 26, 2016 Passive Vulnerability Scanning. May 26, 2016 Red/Blue

May 26, 2016 [email protected]

Questions?

ChatOps New Relic & Chef

Better Issue Management With ChatOps - Raygun · 2020-03-16 · Raygun.com Better Issue Management With ChatOps 8 Born within GitHub, ChatOps evolved from its open source chat bot,

Practical pentesting of ERP’s and businessmedia.blackhat.com/us-13/US-13-Polyakov-Practical-Pentesting-of-ERPs... · ERPScan Pentesting Tool • ERPScan's Pentesting Tool is a freeware

PENTESTING ICS 101 - BruCON 2017files.brucon.org/2017/Workshop_Pentesting_ICS_101.pdfPENTESTING ICS 101 LAB KALI LINUX ADDITIONAL TOOLS ... Pentesting PLCs Capture the flag ! ... PENTESTING

Puppet at GitHub / ChatOps

ChatOps Unplugged

01 - Pentesting - Footprinting-

Pentesting with Metasploit

Pentesting ChatOps · − Whois, Google, PassiveScan, etc.. ... master skyanth 6 days ago implemented monospace inline tag Procedure.md Raw contributor

Pentesting y troyanos

Practical SAP Pentesting

Wsd pentesting workshop

Do you need ChatOps? How does ChatOps really€¦ · Do you need ChatOps? How does ChatOps really work? For example, advanced R&D and IT operations teams may use a notification system

iOS Application Pentesting

Pentesting Cloud Environment

ChatOps: The New Interface of DevOps

Embrace chatOps, stop installing deployment software

Pentesting VOIP

Pentesting iOS Applications

Pentesting Con Kali

ChatOps with Hubot

Beyond Chatops - Bots @ Domain

Episodio de pentesting

Pentesting J2EE

Pentesting Android Applications

Pentesting ChatOps - HITB · Pentesting ChatOps. May 26, 2016 ... Red/Blue Pentesting. ... git commit Report/target/report.2015-09-1123-39-27.pdf -m automated build by chat

Pentesting for startups

Pentesting RESTful webservices

Pentesting Presentation

ChatOps - a DevOps accelerator

Pentesting embedded

ChatOps at Shopify - USENIX · ChatOps at Shopify. Inviting Bots in our Day-to-Day OperationsYour. Production Engineering. 1200+ $40b Rails 40+ 500k+ 10k. ChatOps. Conversation Driven

Pruebas de Pentesting

JIRA Service Desk + ChatOps Webinar Deck