
[tl;dr sec] #193 - ATT&CK for AI and SaaS, GitHub Actions Goat, Finding Bugs in Web App Routes

Common techniques and attack vectors for both AI and SaaS apps, a deliberately vulnerable GHA CI/CD environment, tool to find authentication and authorization bugs in web apps

Hey there,

I hope you’ve been doing well!

Hack Week

This week we had people fly in from all over the world to meet and hack together.

Hack week is a quarterly-ish tradition where people build furiously for a few days and then we do a montage of demos on Friday.

It’s always a bit awe-inspiring, as people make what seems like a quarter’s worth of progress in 5 days, and a number of the projects have turned into launched features and products.

I highly encourage you to take a week sometime to hack on something wild. It’ll be worth your time.

We’ve also done fun things like boba runs, a graffiti session, and a boat outing. Here’s Adam and me right after we got soaked by a wave (H/T Margaret for the photo):

Hacker Summer Camp

This year I’ll be in Vegas Monday to if I survive Sunday.

If you see me, feel free to come say hi, I’d love to meet you!

If you want a tl;dr sec t-shirt or stickers:

Lastly, I’ll be wandering aimlessly during the week with a stash in my backpack 😃 


📣 Secure your cloud migration at the speed of innovation

Cloud migrations are a transformative undertaking with many moving parts. The key is implementing a strong security foundation as you migrate. In this whitepaper, we explore the challenges and key questions behind cloud migrations, and take a look at how Wiz helps organizations during this process, including:

  • Full stack visibility

  • Creating a strong working relationship between cloud teams

  • Cloud education and skill upleveling

  • And more

📜 In this newsletter…

  • AppSec: GitHub Actions Goat

  • Hacker Summer Camp: Useful resources for newbies

  • Web Security: Tool to find bugs in web app routes, websocket pentesting REPL tool

  • Cloud Security: AWS networking concepts, tool to check for misconfigured GitHub OIDC <> AWS/GCP, finding GitHub OIDC vulns in the wild

  • Container Security: Abusing Amazon VPC CNI plugin for k8s, Steelcon container security workshop slides

  • Blue Team: Atomic red team, ATT&CK for SaaS, collaborative forensic timeline tool, Google on 0-days exploited in-the-wild in 2022

  • Red Team: Automating cred stuffing with nuclei

  • Politics / Privacy: China’s expanding influence campaign in the US

  • Machine Learning + Security: Tool to automate prompt injection attacks, ATT&CK for ML systems, tool to automate 👈️ , automatically creating LLM jailbreaks, Daniel Miessler and Dan Guido on if AI will help attackers or defenders more

  • Machine Learning: New in LangChain, text → image and video, hacker art

  • Misc: Shower thoughts, writer’s strike, precision walking, Twitter rebrand


AppSec

GitHub Actions Goat
By StepSecurity: A deliberately vulnerable GitHub Actions CI/CD environment showing common vulnerabilities and how to protect against them, including:

  1. Exfiltration of secrets from the CI/CD pipeline

  2. Tampering of source code or artifacts during build

  3. Compromise of the GITHUB_TOKEN


📣 Opal, scalable identity security

Opal is designed to give teams the building blocks for identity-first security: view authorization paths, manage risk, and seamlessly apply intelligent policies built to grow with your organization.

They are built from the ground up to synthesize the data needed to construct and monitor all of your company’s access – from a single pane of glass.

Opal is used by best-in-class security teams today, such as Blend, Databricks, Drata, Figma, Scale AI, and more. There is no one-size-fits-all when it comes to access, but they provide the foundation to scale least privilege the right way.

Hacker Summer Camp

If you’re going to be attending some combination of BSidesLV, Black Hat, and DEF CON for the first time, some potentially useful resources:

Web Security

Find security bugs in web application routes with route-detect
Red Canary’s Matt Schwager announces route-detect, a new CLI tool for finding authentication and authorization bugs in web application routes. It leverages Semgrep and will be presented at Black Hat USA Arsenal 2023.

Streamlining Websocket Pentesting with wsrepl
Doyensec's Andrew Konstantinov announces wsrepl, a tool designed to simplify the auditing of websocket-based apps. The tool offers a user-friendly interactive REPL interface and can be easily automated through different hooks that execute at various stages of the WebSocket lifecycle.

Cloud Security

AWS Networking Concepts
Auth0's Maria Inés Parnisari shares a mind map that links together all the different networking-related concepts from the AWS VPC dashboard.

By Ori Amiga: A tool that checks for misconfigured access to GitHub OIDC from AWS roles and GCP service accounts.

No keys attached: Exploring GitHub-to-AWS keyless authentication flaws
Datadog's Christophe Tafani-Dereeper writes about the GitHub-to-AWS keyless authentication flow using OpenID Connect (OIDC). If the IAM role's trust policy does not restrict which repository the token's sub claim may come from, a GitHub Action from any GitHub repository can assume the role and retrieve credentials for it.

Christophe found a number of such misconfigurations in the wild using OSINT plus Sourcegraph to search GitHub repos for role ARNs, and walks through a real-world example.
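The two entries above come down to one question: does the role's trust policy pin the GitHub token's sub claim to a specific repository, or does it only check aud (which every GitHub Actions token can satisfy)? The script below is an added example, not Ori Amiga's tool or Datadog's code. It audits an IAM role trust policy document for GitHub OIDC statements that lack a sub condition or use a sub pattern that matches more than one repository (for example `repo:org/repo*`, which also matches `repo:org/repo-fork:...` because the wildcard sits before the `:` separator). The two sample policies and the account ID 123456789012 are constructed for the example.

```python
import json
import re

GITHUB_OIDC_HOST = "token.actions.githubusercontent.com"
SUB_KEY = f"{GITHUB_OIDC_HOST}:sub"
AUD_KEY = f"{GITHUB_OIDC_HOST}:aud"

# Constructed sample: trust policy that only checks the audience. Any repository's
# GitHub Actions token carries aud=sts.amazonaws.com, so any repo can assume the role.
WEAK_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": "arn:aws:iam::123456789012:oidc-provider/token.actions.githubusercontent.com"},
    "Action": "sts:AssumeRoleWithWebIdentity",
    "Condition": {"StringEquals": {"token.actions.githubusercontent.com:aud": "sts.amazonaws.com"}}
  }]
}
""")

# Constructed sample: same statement, with the sub claim pinned to one repository.
FIXED_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": "arn:aws:iam::123456789012:oidc-provider/token.actions.githubusercontent.com"},
    "Action": "sts:AssumeRoleWithWebIdentity",
    "Condition": {
      "StringEquals": {"token.actions.githubusercontent.com:aud": "sts.amazonaws.com"},
      "StringLike": {"token.actions.githubusercontent.com:sub": "repo:example-org/example-repo:*"}
    }
  }]
}
""")


def as_list(value):
    """IAM allows a string or a list in most places; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def is_github_oidc_principal(principal):
    """True if the statement's Federated principal is a GitHub OIDC provider ARN."""
    federated = principal.get("Federated") if isinstance(principal, dict) else None
    return any(GITHUB_OIDC_HOST in p for p in as_list(federated))


def sub_pattern_findings(pattern):
    """Findings for one sub pattern. GitHub sub claims look like
    repo:ORG/REPO:ref:refs/heads/main, repo:ORG/REPO:environment:prod, ..."""
    m = re.match(r"^repo:([^/:]+)/([^:]+):(.+)$", pattern)
    if m is None:
        # "*", "repo:*" or "repo:org/repo*": no ":<claim>" separator after the repo
        # name, so the wildcard can extend the repo name to other repositories.
        return [f"sub pattern {pattern!r} is not scoped to a single repository"]
    org, repo, _ = m.groups()
    if "*" in org or "?" in org:
        return [f"sub pattern {pattern!r} allows any GitHub org"]
    if "*" in repo or "?" in repo:
        return [f"sub pattern {pattern!r} allows any repo in org {org!r}"]
    return []


def audit_trust_policy(policy):
    """Return a list of findings for GitHub OIDC statements in a role trust policy."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithWebIdentity" not in as_list(stmt.get("Action")):
            continue
        if not is_github_oidc_principal(stmt.get("Principal", {})):
            continue
        sub_patterns, aud_present = [], False
        # Condition keys are case-insensitive; collect sub patterns under any operator
        # (StringEquals, StringLike, ForAnyValue:StringLike, ...).
        for _operator, kv in stmt.get("Condition", {}).items():
            for key, val in kv.items():
                if key.lower() == SUB_KEY:
                    sub_patterns.extend(as_list(val))
                elif key.lower() == AUD_KEY:
                    aud_present = True
        prefix = f"statement {i}: "
        if not aud_present:
            findings.append(prefix + "no aud condition")
        if not sub_patterns:
            findings.append(prefix + "no sub condition: any GitHub repository can assume this role")
        for p in sub_patterns:
            findings.extend(prefix + f for f in sub_pattern_findings(p))
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("fixed", FIXED_POLICY)):
        print(name, audit_trust_policy(policy) or "no findings")
```

To run this against real roles, feed it the `AssumeRolePolicyDocument` returned by `aws iam get-role` for each role that trusts the GitHub OIDC provider. An org-wide pattern such as `repo:example-org/*:*` is reported separately, since it is sometimes intentional but still lets any repository in the org (including forks created inside it) assume the role.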

Container Security

Abusing Amazon VPC CNI plugin for Kubernetes
Elttam's Berne Campbell writes on how to leverage the Amazon VPC CNI plugin for Kubernetes to manipulate network configurations, allowing an attacker with a foothold in an EKS cluster to expose and potentially exploit services in other VPCs.

Steelcon Container Security Workshop PDF
Slides from Iain Smart and Rory McCune that cover the security features and pitfalls of modern containerization tools like Docker and Kubernetes, with practical examples of attacks on and defenses for Docker containers and Kubernetes clusters.

Blue Team

Atomic Red Team
By Red Canary et al: Small and highly portable detection tests based on MITRE's ATT&CK.

Let's talk about SaaS attack techniques
Push Security's Jacques Louw delves into the common techniques and attack vectors used against SaaS apps, providing a comprehensive SaaS attack matrix. Like MITRE ATT&CK but for SaaS. GitHub repo

An open-source tool for collaborative forensic timeline analysis, allowing users to visualize, analyze, and collaborate on forensic timelines using a web-based interface.

The ups and downs of 0-days
Maddie Stone shares Google’s Threat Analysis Group’s takeaways of 0-days exploited in-the-wild in 2022.

Red Team

Understanding & Automating Credential Stuffing Testing with Nuclei
Project Discovery’s Parth Malhotra explores the use of nuclei templates for credential stuffing testing in cloud services and self-hosted software instances and multiple ways to test username/password combinations.

Machine Learning + Security

By Utku Sen: A tool that automatically performs prompt injection attacks on ChatGPT instances by analysing ChatGPT rules and generating creative attack prompts tailored to the target.

MITRE ATLAS
“A knowledge base of adversary tactics, techniques, and case studies for ML systems based on real-world observations, demonstrations from ML red teams and security groups, and the state of the possible from academic research.”

By MITRE et al: A plugin for adversary emulation against AI-enabled systems that provides the tactics, techniques and procedures (TTPs) defined in MITRE ATLAS (like ATT&CK for ML systems) as an interface to CALDERA (an automated adversary emulation platform).

Universal and Transferable Attacks on Aligned Language Models
This is potentially huge— whereas previous jailbreaks involved substantial manual effort to create and can be easily patched, the authors of this paper were able to automatically create essentially unlimited jailbreaks that work on both open and closed source LLMs. “It is unclear whether such behavior can ever be fully patched by LLM providers.” H/T Caleb Sima.

Who Will AI Help More—Attackers or Defenders?
Daniel Miessler currently believes AI will most help attackers first, but it will help defenders more in the long term.

AI will help attackers automate and scale attacks in the short term before defenders have sufficient understanding of their environments, but in the long term, AI + a company’s context will give defenders the advantage.

How AI will affect cybersecurity: What we told the CFTC
Trail of Bits’ Dan Guido believes AI “has the potential to fundamentally change the balance between cyber offense and defense.”

  • Can a mid-level practitioner operate at an expert level with the help of AI? Our experience suggests yes.

  • AI is better for problems that require breadth of knowledge and where mistakes are acceptable (e.g., document this function, write a phishing email). It’s not great at problems that require mastery and correctness (e.g., find and exploit this iOS 0-day).

  • Bug bounties, phishing defenses, antivirus, IDS, and attribution will be among the first fields impacted as AI confers a greater advantage to attackers in the near term.

Machine Learning




✉️ Wrapping Up

Have questions, comments, or feedback? Just reply directly, I’d love to hear from you.

If you find this newsletter useful and know other people who would too, I'd really appreciate if you'd forward it to them 🙏

Thanks for reading!