Newsletter
![[tl;dr sec] #201 - CloudRecon, LLM Security, Okta for Red Teamers](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/080a561f-2435-4477-a549-ab9f115e047c/landscape_Screenshot_2023-09-12_at_10.22.48_AM.png)
[tl;dr sec] #201 - CloudRecon, LLM Security, Okta for Red Teamers
Tool to find ephemeral assets in cloud infra, Dropbox's LLM security scripts, post-exploitation techniques for Okta
Clint Gibler
[tl;dr sec] #200 - LLM → Tailored IR Scenario, How to Secure Your GitHub/GitLab, Cloud Storage Threat Matrix
LLMs + ATT&CK → tailored incident response scenarios, OpenSSF's source code management platform best practices, new TTPs for the cloud storage threat matrix
Clint Gibler
[tl;dr sec] #198 - Building a Detection as Code Pipeline, NIST on CI/CD Supply Chain Security, Finding Malware with LLMs
How to build and test a DaC pipeline, new NIST whitepaper on integrating supply chain security measures into CI/CD pipelines, and finding malicious PyPI/npm packages with LLMs
Clint Gibler
[tl;dr sec] #197 - Career Resources, Modern Security Podcast, Smashing the State Machine
Tons of career resources and advice, I'm starting a podcast on modern security practices, finding tricky state machine web bugs
Clint Gibler
[tl;dr sec] #196 - How Secrets Leak in CI/CD, AI Threat Modeling, Supply Chain
Some subtle ways secrets leak and how to mitigate, AI threat modeling for policymakers, in-toto and TACOS
Clint Gibler
[tl;dr sec] #195 - Kubernetes Exposed, SBOMs, Elastic's Vuln Management
Survey of misconfigured and openly accessible k8s clusters, several SBOM resources, how Elastic uses Elastic for vulnerability management
Clint Gibler
[tl;dr sec] #194 - CNAPPGoat, KubeFuzz, tl;dr sec swag
Multi-cloud open source tool to deploy vulnerable-by-design cloud resources, fuzzing Kubernetes Admission Controllers, where you can get tl;dr sec swag at Hacker Summer Camp
Clint Gibler
[tl;dr sec] #193 - ATT&CK for AI and SaaS, GitHub Actions Goat, Finding Bugs in Web App Routes
Common techniques and attack vectors for both AI and SaaS apps, a deliberately vulnerable GHA CI/CD environment, tool to find authentication and authorization bugs in web apps
Clint Gibler
[tl;dr sec] #192 - Google's AI Red Teaming, OWASP on Cloud Security, Trail of Bits' Testing Guide
Google's whitepaper on how they approach AI red teaming, OWASP's cloud architecture security cheatsheet, ToB on static/dynamic analysis tooling
Clint Gibler
[tl;dr sec] #191 - BadZure, Detection & Response Pipelines, 18K Subscribers!
Spin up purposefully vulnerable Azure AD tenants, detailed examples of modern detection pipelines, new subscriber milestone!
Clint Gibler
[tl;dr sec] #190 - Securely Build on AI, CISA Pen Test repo, Joining Google's Red Team
How to secure product features that leverage AI, CISA's repo of example penetration testing findings, how to join Google's red team and other career resources
Clint Gibler
[tl;dr sec] #189 - CISA on Defending CI/CD, Backdooring NPM via S3, AI + Reverse Engineering
CISA/NSA's guide on defending cloud CI/CD, backdooring NPM modules depending on binaries in S3, I'm collecting AI + cybersecurity resources
Clint Gibler
[tl;dr sec] #188 - Security Interview Questions, Secret Scanning Tools, PentestGPT
Interview questions across a variety of roles, several secret scanning tools, an autonomous pentesting tool using GPT-4
Clint Gibler
[tl;dr sec] #187 - AWS Pentest Methodology, Destroyed by Breach, Awesome LLM Cybersecurity Tools
An offense-focused approach to AWS pentests, companies ended by cybersecurity breaches, OSS security tools leveraging LLMs
Clint Gibler
[tl;dr sec] #186 - Enterprise Purple Teaming, Cloud CTFs, Code Review with LLMs
Massive list of purple teaming resources, two new cloud CTFs to practice on, how effective are LLMs at doing secure code reviews?
Clint Gibler
[tl;dr sec] #185 - Artisanal to Industrial Security, Securing the EC2 Instance Metadata Service, 12 Threat Modeling Methods
How to deliver security at scale, the security properties of IMDSv2, a summary of many threat modeling approaches.
Clint Gibler
[tl;dr sec] #184 - Public Cloud Security Breaches, OWASP Top 10 for LLMs, Living Off the Orchard: macOS Binaries
Compendium of cloud security incidents and breaches that have affected customers, top risks for software leveraging Large Language Models, a library of macOS binaries that can be used for ‘living off the land’.
Clint Gibler
[tl;dr sec] #183 - The 3 Metrics to Focus On, Build a Purple Team Lab, Damn Vulnerable Android and iOS Apps
If you can only choose 3 metrics, what to choose? How to build a Kubernetes purple teaming lab, vulnerable Android and iOS apps to learn on.
Clint Gibler
[tl;dr sec] #182 - Cloud Native Security Talks, AI Attack Surface Map, Attacking and securing cloud identities in managed Kubernetes
Video playlists and abstracts from CloudNativeSecurityCon and KubeCon, overview of attacking AI assistants and agents, attack vectors to pivot from an EKS cluster to an AWS account.
Clint Gibler
[tl;dr sec] #181 - Awesome CloudSec Labs, Red Team Infra in 2023, Privilege Escalation in EKS
Free cloud-native security learning labs, the essential components for modern robust red teaming infra, how to privesc from a compromised EKS pod and defeat Kubernetes NodeRestriction.
Clint Gibler
[tl;dr sec] #180 - Scaling AppSec, tl;dr sec Swag 🤯, GCP Pentesting Guide
Riot Games and Segment on Scaling AppSec, help me decide what tl;dr sec swag to make, resources and techniques to do an effective GCP pentest.
Clint Gibler
[tl;dr sec] #179 - BSidesSF Summaries, Attacking Kubernetes, OpenAI Burp Suite
I wrote quick summaries of four BSidesSF presentations, common Kubernetes attack vectors and vulnerable lab, Burp Suite extension that uses OpenAI for recon.
Clint Gibler
[tl;dr sec] #178 - DevOps Threat Matrix, LLMs in Security, Supply Chain Security
Microsoft techniques and attack vectors for DevOps environments, applications of LLMs in security, the deps.dev API and Golang supply chain security.
Clint Gibler
[tl;dr sec] #177 AWS KMS Threat Model, DOM Invader, Forensics in the Cloud
Threat model and attack tree for AWS Key Management Service, Gareth Heyes on how to use the DOM Invader Burp extension, doing cloud forensics when a container is compromised.
Clint Gibler
[tl;dr sec] #176 - Cloud Security Atlas, Semgrep + AI, Finding Malicious PyPi packages
A searchable database of real-world attacks, vulns, and misconfigurations in cloud environments, Semgrep Assistant supports auto-triaging and fix suggestions using GPT-4, overview of malicious PyPI packages in 2023.
Clint Gibler