Continuous Intrusion - Why CI Tools Are An Attacker's Best Friends

Explore the vulnerabilities of Continuous Integration (CI) tools from an attacker's perspective in this eye-opening Black Hat conference talk. Discover how these tools can serve as portals for gaining footholds and facilitating lateral movement within enterprise systems. Learn about various attack techniques, including command and script execution, credential theft, and privilege escalation, that can compromise not only the build process but also the underlying operating system and entire Windows domains. Through live demonstrations, examine how both open-source and proprietary CI tools can be exploited using their inherent features, without relying on memory corruption bugs. Gain valuable insights into the security risks associated with CI tools and understand why they are considered an attacker's best friend due to their poor security controls, distributed build management capabilities, and high-level access privileges in enterprise environments.