README.md 2.86 KB
Newer Older
Steve Manzuik's avatar
Steve Manzuik committed
1
2
# Red Team Tech Notes

Steve Manzuik's avatar
Steve Manzuik committed
3
At GitLab one of our six [core values](https://about.gitlab.com/handbook/values/) is transparency. As a [Red Team](https://about.gitlab.com/handbook/engineering/security/red-team/) we are striving to uphold this value by sharing as much as we can. We named this project "Tech Notes" because the original idea was that we would share the technical things that we ourselves had to learn in our day to day work. We have expanded on that and will also use this project to publish results of Red Team exercises, technical papers, tooling, and blog posts that we write. We hope that by sharing we are not only demonstrating a company value but are also providing a resource for others to learn from. Of course, there will be scenarios where we are unable to share our work, the security of our customers and employees is why we are here so we will not share anything that creates a risk to either. Once there is no longer a risk, we will revisit publishing. If you have any questions or feedback on any of our content here please feel free to open and issue.
Greg Johnson's avatar
Greg Johnson committed
4
5
6

## Index

Steve Manzuik's avatar
Steve Manzuik committed
7
### Papers
Steve Manzuik's avatar
Steve Manzuik committed
8

Steve Manzuik's avatar
Steve Manzuik committed
9
* [Introducing Token Hunter](https://about.gitlab.com/blog/2019/12/20/introducing-token-hunter)
Chris Moberly's avatar
Chris Moberly committed
10
* [GCP Post Exploitation Tactics & Techniques](./gcp-post-exploitation-feb-2020/README.md)
Greg Johnson's avatar
Greg Johnson committed
11
* [The Mechanics of Modern Thievery (Part 1 of 2)](./mechanics-of-modern-thievery/part-1.md)
Joern Schneeweisz's avatar
Joern Schneeweisz committed
12
13
14
* [Privilege Escalation in Google Cloud Platform's OS Login](./oslogin-privesc-june-2020/)
* [K8s-GKE Attack Notes](./K8s-GKE-attack-notes/)
* [Firefox for Android LAN-Based Intent Triggering](./firefox-android-2020/)
Steve Manzuik's avatar
Steve Manzuik committed
15

16
17
### Quick Tips

Joern Schneeweisz's avatar
Joern Schneeweisz committed
18
* [Scraping Cloudflare Anti-Bot](./cloudflare-notes)
19

20
21
22
### Talks

* [Black Hat USA 2020 - Token-Hunter and gitrob:  Hunting for Secrets](./blackhat2020-hunting-for-secrets/)
Chris Moberly's avatar
Chris Moberly committed
23
* [BSides Melbourne 2020 - Google Cloud Post Exploitation Tactics & Techniques](https://www.youtube.com/watch?v=OJ_wUcVrGx0)
24
* [Black Hat EU 2021 - Picking Lockfiles](./blackhat-eu-2021-picking-lockfiles/)
25

Steve Manzuik's avatar
Steve Manzuik committed
26
27
### Tools

28
29
30
31
32
33
* [GitRob](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gitrob)
* [Token Hunter](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/token-hunter)
* [gcp_misc](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_misc)
* [gcp_enum](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_enum)
* [gcp_firewall_enum](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_firewall_enum)
* [gcp_k8s_enum](https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_k8s_enum)
Steve Manzuik's avatar
Steve Manzuik committed
34
35
36

### Red Team Exercises

Joern Schneeweisz's avatar
Joern Schneeweisz committed
37
* [RT-011 Phishing Campaign - Fake Laptop Upgrade](./RT-011%20-%20Phishing%20Campaign/README.md)
38
39
40
41
42
* [RT-014 Phishing Campaign - Fake Expenses](./rt-014%20-%20Phishing%20Campaign/README.md)

### Research Works-in-Progress

* [All Cloud RedTeam](./research-works-in-progress/all-cloud-redteam/)