To conduct an advanced attack, you need more than just a collection of simple scripts. In addition to talent, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement, the more time we need. Time is something we don’t have a lot of on an engagement.
Today, to be an advanced and effective attacker, you need to move fast, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources, the days of manual setup are long behind us.
Where do we get started, and how does it all work?
In this Black Hills Information Security (BHIS) Workshop, we will go into the nuts and bolts of using DevOps for our engagements. We will learn how to use three different software stacks together to create the results we want. The Workshop will include four labs to take what you have learned and apply it right away.
First, we will focus on how to use Terraform to manage cloud infrastructure. Then we will dive into Ansible to configure our operating systems, and we will also look at Docker to execute our code and dependencies.
Finally, we will combine what we have learned to work through some common attack scenarios—for example, phishing or a C2 server. Not only will we walk through how it all works, but you will walk away with an understanding of how to customize this code to fit your needs.
If you have ever wanted to learn how to use Terraform, Ansible, or Docker and apply that knowledge to a red team, then this workshop is a must-see.