Explore containerization and its impact on offensive operations in this 39-minute Black Hat conference talk aimed at experienced penetration testers. Gain insights into Docker, vulnerability lifecycles, and application security testing while learning how containerization affects exploitation and post-exploitation techniques. Discover practical implications through a demonstration and understand how to approach multi-container applications from an attacker's perspective.
An Attacker Looks at Docker - Approaching Multi-Container Applications
Overview
Syllabus
Introduction
Penetration Testing
Purpose
Prior Art
What is Docker
Vulnerability lifecycle
How do you keep up
Development abstraction
Containerization
Hello World vs Docker
How Docker works
Control over execution
Containerization for attackers
Application security testing
Exploitation
Target Attack
Implications
Demo
Conclusions
Contact information
Taught by
Black Hat
Related Courses
-
An Attacker Looks at Docker - Approaching Multi-Container Applications
-
Penetration Testing Execution Standard (PTES)
-
Vulnerability Exploitation in Docker Container Environments
-
Extreme Privilege Escalation on Windows 8 - UEFI Systems
-
Finding the Needle in the Hardware Haystack - Identifying and Exploiting Vulnerabilities
-
Hacking Video Conferencing Systems
