Red Team Village Learning Thursdays

April 8th:
Exploiting Misconfigured JIRA Instances for $$ with Harsh Bothra

Jira is one of the widely used platform and often the custom implementation of JIRA service may be misconfigured, outdate or having a vulnerable version installed. In this talk, we will look at some of the How to identify a custom JIRA instance, Interesting CVEs of various vulnerable JIRA Versions, Mind Map around it and how to automate current and future misconfigurations. 

Red Team Village Memory Forensics

April 15th:
Keep Your Code Safe During the Development Path Using Open Source Tools
by Filipi Pires
Practical demonstration of how a Developer can use a SAST tool for static analysis in code vulnerability, executing it in source code, byte code and/or binary and identifying security holes during the development process, analyzing many languages and codes.
The ecosystem will have the opportunity to know about an open source tool that orchestrates other security tools and identifies security flaws or vulnerabilities in projects and put all results in a database for analysis and generation of metrics, working this analysis with select the languages ​​and/or tools to be used on the project based on the available stack.
These languages and tools are: Python, Ruby, Javascript/Typescript, GoLang, C#, Java, Kotlin, Kubernetes, Terraform, some Leaks, Leaks(optional search in git history), PHP, C, HTML, JSON, Shell Script and Elixir, it being done in source code, byte code or binary, finding “Leaks" checks the source code for possible leaks of credentials, private keys or hard coded passwords and analyze the project’s dependencies to check for vulnerabilities in third-party libraries. in third-party libraries.
CedoXx and Omar (Ωr) Santos will provide an update on the upcoming events like RSA Conference 2021, Mayhem, DEF CON, Texas Cyber Summit, and GrayHat.

(c)2021, Red Team Village

Created with Mobirise website themes