No SQL Injection in MongoDB Applications | SANS@MIC Talk
Skills:
Network Security80%
Key Takeaways
Demonstrates NoSQL injection techniques in MongoDB applications for web application penetration testing
Full Transcript
to the questions window located on the go-to webinar interface at any time please note that this webcast is being recorded and a copy of the slides and recording will be available for viewing later today this can be found on the sans registration page and with that I'd like to hand the webcast over to Adrienne hello good morning and good afternoon my name is agent Aubrey and I'm here to talk to you about no SQL injection this is the part of a series of modern web application penetration testing techniques that I've been giving for the past several years it's the third in the series and it's a portion of a class that I am both the co-author and one of the instructors for with the SANS Institute it is SEC six four two so six four two is the advanced web application penetration testing ethical hacking and exploitation techniques class within it one of the sections is no SQL injection so this is a portion of that class send it to you now if you have any questions please do ask them I'll get to the questions towards the end of the presentation but please do feel free to ask them and Sam will either read the much of me or I'll get to them at that time so without further ado let's step in so what is a no SQL database simply enough it is not a relational database a traditional relational database is made up of tables and fields so for example you might install MySQL or Microsoft sequel server or Oracle or Postgres any one of those they are all considered relational databases this format goes back to the 1970s and within each database again you have these tables and fields each field will have a name and a value now more recently within the past few years there's a development called a no SQL database now no SQL stands for not only or not SQL and here's some very clear differences between a no SQL database and a relational database that uses SQL sometimes called sequel so very different in no SQL there are very few standards between the different platforms and there is no common query language so full stop right there SQL or structured query language is a standardized language between all racial databases so no SQL databases don't have that also commonly relational databases often have a number of security features in a survey across new school databases we found that the security features that we would normally expect to see inside databases are not necessarily there for example normally we would expect an authentication process to be there in no SQL databases authentication is not necessarily enabled by default and if it is available it's not always supplied to a database itself it may require additional software to provide the negation service for you we're talking about between the application on the server and the back end does the application with server require authentication to the backend and the answer is with no SQL not always another common feature we expect is that the access the application has the database will have some form of access control we found that across many new SQL databases that even if they require you to authenticate there is no such thing as a rule meaning that all users have access to every part of the data so here's two big differences we're out of the bat that authentication is now is there and if they require the location there may or may not be any form of access control or concept of authorization inside the database that's a pretty clear difference right there next one the third a auditing not all new SQL databases perform logging some others require some additional software to perform logging for you this is between again the application and the database whether or not auditing and logging is performed of access performed by the application there may or may not be encryption between the application and the database as well there may not be encryption in side database not all of them perform data encryption features inside database in traditional relational databases this might be field level encryption so there's some very very strong differences between relational and no SQL databases in the security features available and this is the highlight slide that demonstrates in our survey some of those results so another survey performed by a third party is well what our database is out there this is a survey of databases used on the Internet so one clear difference here might be database is used in oh my goodness I just realized I'm not advanced in the slides so I'm sure someone mentioned that in the questions so there is my first slide I'm sorry it's 3:00 a.m. here in Canada there is a second slide where I was talking about these security standards and I'll leave this slide up so you can look at it again going back to the definition of security standards there's no common Korean language authentication is not always enabled access control may or not exist auditing may not exist TLS or transport layer encryption may not exist encryption at the file system may be enabled but inside the database field level encryption may or may not be enabled I'll pop one step forward this is the slide that I realized that I'm not advancing the slides correctly so among the databases available around the world on the Internet some of them are no surprise let's look take a look at number 1 2 3 Oracle MySQL Microsoft sequel server and number 4 Postgres these are all very traditional relational databases we expect to see those in the top 10 five six seven eight nine and 10 are all kind of surprises look at the so MongoDB is a new SQL database I'd never heard of it before five years ago and there it is in the top five of all databases used by applications on the Internet IBM db2 if you don't heard of it before is a very traditional relational database used on IBM mainframes as since the 1970s this product has been around that long now the next to elastic search and Redis are also no SQL databases these are not relational databases so that's new SQL Lite is kind of a relational database but it's kind of like Microsoft Access it's really just a file but the last from Cassandra so if you look at the top ten databases used on the internet in common web applications we have elasticsearch Redis and Cassandra one two three four so four of the top ten databases are non-relational this is fantastic this is incredible this should cause us to question so what's going on here something has changed and the clear difference is let's be honest relational databases are slower to achieve web scale performance you require a NOAA database however you trade performance for other things you get higher performance but you lose things now MongoDB appears to be one of the most popular I've some experienced I've spent some time researching this since I wrote the slides almost four years ago so MongoDB is a document-oriented database meaning it does not have fields or tables it has documents he does not use SQL or structured query language the queries are in JSON so Jasmine is Java Script object notation if you're familiar with Python it's very much like a dictionary so everything is in name and value pairs actually they're actually stored in a format called BSO n bison or binary JSON so here's a very very clear difference in a relational database the schema meaning the design of the database the fields and the tables and their primary keys that's the schema in a schema of MongoDB it is dynamic and if you insert new name value pairs you just change the schema it changes on-demand the next one is a game changer this is one of the biggest differences between a relational database and a instance is that queries can and choose include Java Script let's stop there for a moment ok so JavaScript runs in our browsers interesting JavaScript can run on the server with node and express it in fact no to Express running on the server are often paired with another JavaScript framework called angular running in our browser so we have JavaScript and we have JavaScript frameworks running in our browsers we have JavaScript frameworks and servers node and Express running on the server the missing feature here is the back end which is is the database can also run JavaScript so we have JavaScript now a victus across all layers of our traditional application stack now here's kind of a joke and I apologize if you've not seen the movie mongrel only pawn in game of life which is a reference to a really horrible movie from the 1970s called Blazing Saddles but any case is a character in that movie and he says that line that only pawn in game of life later on blows up any case so JavaScript really interesting so both SQL meaning relational databases and no SQL have some very interesting and very important differences in their approaches to data so SQL again going back many decades is acid compliant meaning that they all try to adhere to these principles atomicity consistency isolation durability so maintain consistency even if it slows us down even if it limits scalability which means for example relational databases often do something called journaling journaling meaning they save a copy of all the transactions they've written to the database so if you suddenly cut power to the database you should be able to recover the database and replay the journal to see what has happened since your last snapshot so you get that consistency that ability to recover but it slows you down on the other hand no SQL is these key or name value pairs and different no school databases call them different things causing documents react calls and buckets but the clear difference here is the principles that are guide them the principles here are basically available soft state eventually consistent kind of may be in fact the most novel databases attempt to keep all data in memory all the time which means never ever write to disk if you think about that if you never write to disk you don't keep journals what happens if the power is cut and the answer is the data goes away it goes bye-bye it's gone because you did not write a disk there's a very clear trade-off between consistency to attain scalability where honestly the left-hand-side SQL is slower the right hand side new SQL is much much much faster but an example here is if you query NoSQL database a hundred thousand times you might get different answers think about that so another clear difference is the language so on the left hand side we have SQL structured query language using MySQL an example would be select which is a very common method of accessing data select star meaning all of the fields from users where ID equals one this is an example where we're selecting something from a table where we're specifying that the field ID equals a value of one and that will give us a response we can update so the update query is update users setting password equals an input possibly from a user where ID equals input from a user we can also create a table users where the ID and the user ID have certain values on the right hand side we have the no scroll equivalent with MongoDB where they use DB dot now traditionally meaning some time ago the DB dot commands were accessible through many of the frameworks that had access to most modern frameworks do not allow you to access the DB dot commands inside Bongo anymore which is a good thing this means that the frameworks are getting better at security so but the framework itself might run the DB dot command so DB users where users is the collection or document or database daaad find is the function and then user then we might have an update now but I might point out notice the format of the fine so DB light users don't find left bracket curly brace user ID colon one right curly brace right bracket the format there is a JSON user colon value the name value pair so the example update is DB users or update of that JSON again or the dictionary user ID : whether you have a value inputted set password to an input and to create a table its DB creation collection users so the point of the slide is these syntax is very different also meaning that the methods that applications use to access data on both sides between SQL NoSQL are very different now here's a conversation a replay of some years ago although not that many years ago between a security team and a development team and we're talking about SQL injection and the development team says oh we are not vulnerable to SQL injection and the answer was you are correct you are not vulnerable to SQL injection however you are vulnerable to no SQL injection because use MongoDB and there was silence across the room then someone at the back room says well that's not a thing I think he made that up the answer is we did make it up this is actually a thing that there is a vulnerability called no SQL injection and exists in applications that use MongoDB so traditional SQL injection using sequel map SQL map does not work here but consider the application it may have variables that are transported or passed between the application and the back-end database via for example a REST API endpoint that contains JSON and the GS when becomes the query inter database so imagine now the attacker understands this and control portions of the parameters inside the JSON that are passed to the back-end database running you guessed it GA Suen queries this is where we have injection now most often the input from a user becomes part of a where clause or dollar where operator very similar to an SQL where Clause now going back in some older versions you could introduce the DB commands for example DBA valve MapReduce and other group operators for the most part injection directly into DB dot commands is not necessarily allowed but most often we are allowed to inject inside of queries like the where operator so look at the bottom of the slide where we have parameter injection like so victim dot slash login question so up to that point it's basically the resource URL then we have user square bracket dollar and II square bracket equals one this is a feature of HTTP whereby the square brackets on the left of the equal sign indicate that this is in fact an array so traditionally you would not have the square brackets there you'd have login question user equals one perhaps and password equals password because of course the pastor is always password that's a joke so user not equal one in this case would become the array of all users not one and that's a real interesting thing so it's a feature of HTTP now this does depend upon the language running at the backend if for example the backend is running PHP as its framework PHP is loosely typed and will allow you to specify that oh by the way this thing that I thought used to be a string is now an array because square brackets in the HTTP GET request or in the post contents so this might return all users not equal to one depending upon what that query does if it's a login feature it might log us into someone else it was a different feature it might give us all of the users so things to try if you're fuzzing or attempting to attack DB well try inserting JavaScript because runs JavaScript but you have to imagine right that what time but what type of attack we're talking here you said Adrienne this is injection yes so we're injecting into something running on the database through the application which means of course the application itself and the framework it's written in whichever rippy could do validation on inputs so this is a lack of validation but if they do not strip out JavaScript in fact the JavaScript may run in the context of a instance you can also insert JSON and see what happens there you can try and insert things that would trigger database errors on purpose in traditional SQL injection from goodness that would be almost ten years ago you could inject errors into the database and see them come back into your browser now with SQL injection meaning relational databases those errors are mostly hidden from us so we don't see them anymore and we have blind SQL injection in more modern no SQL injection we often believe it or not still see the errors so we have JavaScript you have JSON we have attempts to introduce syntax errors where we might see the error response we can try insert logic so that's the logic there quote pipe pipe well pipe pipe in this case means or so quote or one equals one semi colon slash slash which in this case semi colon slash slash says that's the end of the line ignore the rest being a comments so commenting out things a slash slash but most importantly on this entire slide are the operator these are things that mangu understands where greater-than less-than not equal and regex or regular expressions the last comment on this slide is commands you can try to do them directly in most cases versions that are more recent will not allow you to direct commands from web applications in some older implementations these might still work so we have things to fuzz we also have a methodology the methodology is here very similar to sequel or SQL injection first start with a query that answers yes meaning I am true so this is called a baseline when you use a tool like burp suite burp suite intruder one of the tools inside burp has a method of doing fuzzing it is the fuzzing tool inside burp and when you run burp suite it always as a baseline or the original request we traditionally want the original request to return true the next step is look for errors introduce fuzzing strings things that will cause errors and see if we see the response from database indicating syntax errors then try to inject operators that inject that modify the query in this case you may actually modify the logic of the query remember my friend not equal try other logic to return multiple records try perhaps now this one's dangerous so be very careful inject new records to modify the schema or even more dangerous delete or modify records you may have seen little bobby drop tables this is a xkcd instance that told you that if you can change an introduction in if you can introduce a change into dance into a parameter that becomes part of a database query and insert you know drop table that might be a problem you can also in this case inject JavaScript inject JSON or bs1 directly or the last case interesting in some cases you install or some of the other databases and they implement a rest api or some other management interface that perhaps may allow access database directly some time back used to bind to every IP address with no authentication required now traditionally you would probably rather your database bind to localhost only meaning only be accessible local to the application and not on your public IP address but mangu would bind to your public IP address also which meant that well since there was no authentication anyone could access your database so I'd be probably a bit of a drag for tools there are surprisingly not that many tools out there I've run across a few there's no askew l map which is an attempt of course to be similar to sequel map or SQL map there's the new SQL exploitation framework there's inside of fuzz DB fuzz DB is a collection of strings for performing web application attacks there's also burp suite pro and OS zap so we have a bunch of tools now you might also wonder well what about the commercial application scanners so my experience there is with app scan now fortify our story web inspect now fortify and some others like a kinetics and nets Parker most of them have some coverage of SQL databases but I'll tell you almost all of them only cover DB which means there's probably some other databases let's for example call out Redis Cassandra memcache and some others that there is very limited coverage by any of the tools to determine if you are vulnerable to newest cool injection into those databases now when I wrote these slides I was also searching for applications that are vulnerable because I wanted to have an example one of which is written a for this course by my friend digi ninja also known as Robin would Robin lives in England I believe in northern England and I had barely met him online when he agreed to write this application for this course you'll see it very shortly so did ginger wrote one there are additional testing pages written inside the tool a skull map the web security blog on new SQL injection has an example and there probably some others now I'm gonna argue and you can argue back with me that most applications that have vulnerabilities the majority of them are not written on purpose meaning that the developers we assume do not put the vulnerability inside the application intentionally although you wonder sometimes we'll talk at the end of the talk about there's actually some other one actually no it's this life so you might wonder like so is MongoDB no school injection a very hypothetical attack well no CVE 2017 one zero zero zero four nine three had a CVS s version three base core of nine point eight which is pretty darn close to a perfect ten it's an application called rocket chat server that is vulnerable to no school injection that if you added your own account which is allowed in this application you could add your own account register yourself then you could query the administrator account information then you could send a reset of the password of the main account and then through new SQL injection you could actually recover the token sent to administrator and actually take over the administrator account and the reference at the bottom there is of the write-up of this attack that's actually not the one we're gonna demo all right so I tell this joke a lot so is it when you do a live demo you should of course sacrifice something to the demo gods normally you know I would joke and say I'd ask for a virgin goat but of course no one in their right mind would sacrifice an actual goat goats are very nice animals so no live animals are harmed in any making of any demos all righty so we're gonna switch over to live demo mode I'm gonna pop the VM and pause for a moment and at this time you should see my virtual machine and see a Linux VM with a new SQL attack lab this is the attack lab again written by my friend Robin wood did she ninja it's gonna increase the view a little bit so there are three different places two ways to play we're going to first click on the first one guess the key guess the key my guess oh I don't know 42 click on guess and it says no match oh I'm gonna guess quote and look what happens it says I'm gonna give you a stack trace which is super cool because now I get to system the code that runs on the back end and it says right here VAR gasp equals quote quote quote that's exactly what it didn't like that's the quote I inserted and that's the code around the quotes and it says if key equals guess return match else return no match well so no match because I put in something else I've put in 42 now 42 is again a bit of a joke it's the answer in a book series called The Hitchhiker's Guide to the galaxy by Douglas Adams but if you think about this okay so e is something interesting I don't know what he is I know a guess is because I put in gas if key equal equals gas so what I really want is key so looking at what's in there if I put it in quotes that will terminate part of the query semicolon return key now notice where I get the idea to return right there it says return so return is what comes back to me because I know when no match came back to me because there's a return no match so return the key the key is what I want to see so quote semicolon return key but now I want to finish off what's going to happen after me send me colon slash slash I'm putting in code to basically tell the application give me the key usually I put a space right there I don't think it's required but anyway and it says hey the key is Magrathea so based on putting in a quote that gave me an error where the error contained a stack trace I can construct code that tells the server to give you the answer excellent here we have no SQL injection and click on home and try user lookup use a lookup it says challenge guess details of an administrator so want to be admin it says Sid is a user let's try something invalid first Adrian guess says user name invalid cool then I try Sid and said ooh something different now here let's take a look at went pat whit would passed us and we're going to do occasions text control V want to see a little bit so here that's the resource question so everything after the question is what we're interested in type equals user and user name equals SID well I don't want to be a user and I don't want to be SID so what if I put in here dollar not equal I don't want to be a user and I put in here user name dollar not equal I don't want to be SID I want to be not a user and not Sid and I want to try that in the application that portion and see what happens and it says oh you're at men in fact your name is penny penny dog now this application is available you can download it from Robin wood digi new but here he actually gives the example you click on show it shows an example so one is not equal so when I showed you there's actually a second one using regular expressions so if you look at the regular expression and copy that and put it in the text editor it actually uses dollar regex equals dot star meaning any dollar regex equals dot star meaning any so any any says dump all of the users including admin penny so there's more than one answer to some of these questions hmm going back to home and login so we want to do an authentication bypass all right so I'm gonna try things that will not work I'm gonna try foo and bar login let's take a look at what we have here for parameters type equals user username is foo password is bar all right so I can work with this I want to bypass the first part but let's try one more test it said user not found when type in foo and bar let's try a Sid and a password of password and notice it says something different sorry you enter the wrong password so a logically invalid username of foo said wrong username a logically correct username meaning Sid told us wrong password so this allows me to assume things about the application that the error azar different if you have a valid password or sorry valid username versus valid password so what if I change type dollar not equal user and user named dollar not equal foo but the password I don't know the password yet I'm going to try that to insert into the application and it says wrong password but if they look at what I inserted I'm not a user and I'm not foo which should the applications mean that well if you're not a user and you're not foo you're probably administrator but I don't know the password so here's the interesting thing and I showed you the answer the answer to the password is bar put in a quote or quote one quote equals quote one this is effectively one equals one so let's talk about that for a sec one equals one is a tautology a tautology is something that is always true one equals one is true one not equal zero is true so or when equals one means return true I'm putting bar quote or one equals one into the password field which unfortunately in this case should give me a bypass of the third check the first check is my username the second check is my user type the third check is my password whoops and play people's any and password our quote or one equals one Oh huh I just made a mistake right there you all see me did saw so let me do it I typed in 1 equal sign my goodness if I want to comparison it must be two equal signs not one one is an assignment Wow all right you just saw a live demo fail but I did get it right so that was a pretty quick recover right where I'm a notice that I put in only one equals sign in to my query so equal equal is a check and it says hey you're correct your admin and here's super secret key Wow and here again the application shows us the solution which is the same from Robin already so it is now almost 4 a.m. in Canada where I live and where you are it's probably 4:00 in the afternoon so at this time I am totally open for questions if you are curious this is a portion of the course sans security 642 advanced web application penetration testing ethical hacking and exploitation techniques I have taught it in Singapore Australia and Japan and I willing to come back when of course the pandemic is over we are doing a massive rewrite of the course now we'll be featuring portions of the new content in the now timeframe in July of this year and then in September October November December later this year we will have the new version available so you want to see a preview sign up for the July version which is sooner the release of the official new version will be probably September possibly to over number of December so we're open for questions pass them to Sam thank you really appreciate your time today Thank You Adrian a couple of questions that have been asked and quick answers for you a copy of the slides and recording of this webcast will be available for viewing later today and it can be found on the sands registration page our second question was in regards to whether or not this presentation was part of the official sand six photo class which event such as previously a previously certainly is out of the sands Explorer to the class so if you like that getting in there and registering for the full course I've given people another sort of 30 seconds to a minute if there's any other questions that you'd like to require Adrian yeah I'd like to add that the new SQL injection port part of the course is much more extensive this is just part of it and we have many new topics we have JWT we have attacks against sam'l we have attacks against XX e we have all kinds of brand new content coming towards you so please do consider signing up for the class wonderful well if there's no other questions just like to thank you again Adrian for your great presentation I would just hope to bring that content to the sands community so everybody know thank you everyone also so oh let me throw up the last slide which is contact info please feel free to contact me at my email address or my twitter at adrian DB i'm fully available to questions email or Twitter I don't give my cell phone because I don't want you to call me at strange hours in the morning but please do feel free to reach out at any time boat any questions about application testing or the course any last questions yeah is second five for to the perfect road map into six six four two yes if you've taken five for two or something similar or have equivalent experience please do consider six four two yes right but it's not a prerequisite it's not if you have an equivalent experience or some other course try it well thank you again and thank you to our audience we certainly appreciate you listening in for a schedule of all upcoming and archived sands webcasts including this one please visit sands or forward slash webcasts you can find your CPEs for all completed webcasts by logging into your sands portal account navigate to your account dashboard then click my webcasts you can then download your CPAs on the right hand side of the web page until next time take care and we hope to have your back again for our next sands webcast good a mate say Jen thanks Adrian ciao
Original Description
This talk will discuss and demonstrate NoSQL injection, a modern web application penetration testing technique.
Speaker Bio
Adrien de Beaupre is a Principal SANS instructor and works as an independent consultant in beautiful Ottawa, Ontario. His work experience includes course development, technical instruction, vulnerability assessment, and penetration testing. He is a member of the SANS Internet Storm Center (isc.sans.edu) and is actively involved with the information security community.
About SANS
SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from SANS Institute · SANS Institute · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
SANS FOR610: Reverse Engineering Malware: Malware Analysis Tools & Techniques
SANS Institute
SANS Institute Cybersecurity Training Customer Stories
SANS Institute
SANS Institute UK Cyber Academy
SANS Institute
SANS Institute UK Cyber Academy
SANS Institute
CISSP® Prep Exam, MGT414, by SANS Institute
SANS Institute
SANS Institute's Rob Lee Discusses The OPM.GOV Hack on CNN
SANS Institute
Information Security Training from SANS Institute - Student Testimonials
SANS Institute
SANS NetWars
SANS Institute
SANS DFIR NetWars
SANS Institute
Hack The Drone - SANS Cyber Academy UK
SANS Institute
SANS VetSuccess Immersion Academy
SANS Institute
SANS Cybersecurity Training, Certifications & Placement for Veterans
SANS Institute
The 2015 SANS Holiday Hack Challenge
SANS Institute
SANS VetSuccess Academy: Hands-on Skills
SANS Institute
SANS VetSuccess Academy Overview
SANS Institute
SANS ICS Security Summit & Training 2017
SANS Institute
Exploring the Unknown Industrial Control System Threat Landscape – SANS ICS Security Summit 2017
SANS Institute
WannaCry recap, patches, and analysis
SANS Institute
If We’re Doing So Well at Cyber Security, Why Are We Still Doing So Poorly?
SANS Institute
Graduation Day - SANS HM Gov Cyber Retraining Academy
SANS Institute
Incentivizing ICS Security: The Case for Cyber Insurance – SANS ICS Security Summit 2017
SANS Institute
SANS Data Breach Summit & Training 2017
SANS Institute
SANS Secure DevOps Summit & Training 2017
SANS Institute
How Threats Are Slipping In the Back Door - SANS ICS Security Summit 2017
SANS Institute
SANS Webcast – Continuous Opportunity: DevOps & Security
SANS Institute
SANS Cybersecurity Programs for the Department of Defense
SANS Institute
SANS Pen Test HackFest Summit & Training 2017
SANS Institute
SANS SIEM & Tactical Analytics Summit & Training
SANS Institute
If We’re Doing So Well, Why Are We Still Doing So Poorly? – SANS ICS Security Summit 2017
SANS Institute
SANS Institute
SANS Institute
ICS515: ICS Active Defense and Incident Response
SANS Institute
SANS Institute
SANS Institute
Introducing the NEW SANS Pen Test Poster
SANS Institute
SANS Institute - An Inside Look at the Newly Updated ICS515 Course
SANS Institute
SANS ICS Security Training, Munich, Germany
SANS Institute
SANS Automotive Summit Webcast
SANS Institute
Privesc Playground - SANS Pen Test HackFest Summit 2017
SANS Institute
Introduction to Reverse Engineering for Penetration Testers – SANS Pen Test HackFest Summit 2017
SANS Institute
Honey, Please Don’t Burn Down Your Office: Fun with Smart Home Automation
SANS Institute
SANS Security Operations Summit & Training 2018
SANS Institute
Sh*t Happens! (But You Still Need to Drink the Water) – SANS ICS Summit 2018
SANS Institute
ICS Threat Intelligence: Moving from the Unknowns to a Defended Landscape – SANS ICS Summit 2018
SANS Institute
You’re Probably Not Red Teaming (And Usually I’m Not, Either) – SANS ICS Summit 2018
SANS Institute
A Sneak Peak at the New ICS410
SANS Institute
Jumping Air Gaps – SANS ICS Summit 2018
SANS Institute
Introduction to Linux
SANS Institute
Introduction to Malware Analysis
SANS Institute
You’re Probably Not Red Teaming (And Usually I’m Not, Either) Webcast by Deviant Ollam
SANS Institute
Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018
SANS Institute
Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework
SANS Institute
Apples and Oranges?: A CompariSIEM – SANS Security Operations Summit 2018
SANS Institute
SANS Webcast - Perimeter Security and Why it is Obsolete
SANS Institute
SANS Webcast - Trust No One: Introducing SEC530: Defensible Security Architecture
SANS Institute
The Science of Security: The Psychological Impacts of Security Awareness Programs
SANS Institute
How I Pulled Off an Edgy Security Campaign – SANS Security Awareness Summit 2018
SANS Institute
Practical Advice for Submitting to Speak at a Cybersecurity Conference
SANS Institute
SANS Webcast - Consuming OSINT: Watching You Eat, Drink, and Sleep
SANS Institute
SANS Webcast - Zero Trust Architecture
SANS Institute
SANS STX Cyber Range
SANS Institute
Part 1 – SANS Institute and Tenable talk about cloud security
SANS Institute
More on: Network Security
View skill →Related Reads
📰
📰
📰
📰
Australia finds serious gaps in Big Tech’s response to child sexual abuse online
The Next Web AI
The Future of Endpoint Security: Why Visibility, Intelligence, and Automation Will Define the Next…
Medium · Cybersecurity
Why Every Cybersecurity Product Needs Enterprise-Grade Connectors in 2026
Dev.to · Shivang Patel
Malware Deep Dive: Gandcrab
Dev.to · jordanricky1604-ship-it
🎓
Tutor Explanation
DeepCamp AI