Pivoting and Exploitation in a Docker Environment
Demonstrating an exploit in a Container environment (three dockers) across three different networks, I will demonstrate different pivot, vulnerability exploit, and privilege escalation techniques on all machines using Alpine linux, Gogs app, and other linux plataforms. Using Pentest methodologies such as recon, enumeration, exploitation, post exploitation. By the end of this “talk” everyone will be able to see different ways that exist in working with a single form of pivot and how to overcome different obstacles in different networks within this “new” environment called Docker.
Speaker
Filipi Pires
Principle Security Engineer & Security Researcher @senha_segura
I’ve been working as a Principal Security Engineer and Security Researcher at senhasegura…I’m a Hacking is NOT a crime Advocate and RedTeam Village Contributor. I’m part of the Staff team of DEFCON Group São Paulo-Brazil, International Speakers in Security and New technologies events in many countries such as US, Canada, Germany, Poland and others, I’ve have served as University Professor in Graduation and MBA courses at brazilian colleges. In addition, I'm a Creator and Instructor of the Course Malware Attack Types with Kill Chain Methodology (PentestMagazine) and Malware Analysis - Fundamentals (HackerSec).
Other Talks
Sponsors
Learn more about the organizations that joined us on this journey
Bridgecrew by Prisma Cloud streamlines cloud security throughout the development lifecycle with automation, security-as-code, and developer-first workflows.
Rollbar is the leading continuous code improvement platform that proactively discovers, predicts, and remediates errors with real-time AI-assisted workflows. With Rollbar, developers continually improve their code and constantly innovate rather than spending time monitoring, investigating, and debugging. Learn more at Rollbar.com.
