Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Hack FaaSter: Leveraging Docker and OpenFaaS fo...

Glenn 'devalias' Grant
November 14, 2017
Technology
0
220

Hack FaaSter: Leveraging Docker and OpenFaaS for fun and offensive (security) profit

Presented at SecTalks Canberra (November 14th, 2017; Canberra, Australia)

A short presentation touching on Docker, Serverless/FaaS and OpenFaaS, some reasons why I think they're cool, and then jumping right into getting setup and playing with OpenFaaS as part of the workshop.

https://github.com/0xdevalias/hack-FaaSter

Make sure to check out the associated workshop files as well:

https://github.com/0xdevalias/hack-FaaSter/blob/master/workshop.md

Glenn 'devalias' Grant

November 14, 2017
Tweet

More Decks by Glenn 'devalias' Grant

See All by Glenn 'devalias' Grant
Bug Bounty Hunting on Steroids [DEF CON 26]
0xdevalias
0
250
Gophers, whales and.. clouds? Oh my!
0xdevalias
0
370

Other Decks in Technology

See All in Technology
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
220
安心してください、日本語使えますよ―Ubuntu日本語Remix提供休止に寄せて― 2024-11-17
nobutomurata
1
990
社内で最大の技術的負債のリファクタリングに取り組んだお話し
kidooonn
1
550
インフラとバックエンドとフロントエンドをくまなく調べて遅いアプリを早くした件
tubone24
1
430
Lambdaと地方とコミュニティ
miu_crescent
2
370
DMARC 対応の話 - MIXI CTO オフィスアワー #04
bbqallstars
1
160
ドメインの本質を掴む / Get the essence of the domain
sinsoku
2
150
RubyのWebアプリケーションを50倍速くする方法 / How to Make a Ruby Web Application 50 Times Faster
hogelog
3
940
OCI Security サービス 概要
oracle4engineer
PRO
0
6.5k
Terraform CI/CD パイプラインにおける AWS CodeCommit の代替手段
hiyanger
1
240
元旅行会社の情シス部員が教えるおすすめなre:Inventへの行き方 / What is the most efficient way to re:Invent
naospon
2
340
なぜ今 AI Agent なのか _近藤憲児
kenjikondobai
4
1.3k

Featured

See All Featured
Six Lessons from altMBA
skipperchong
27
3.5k
Building Applications with DynamoDB
mza
90
6.1k
StorybookのUI Testing Handbookを読んだ
zakiyama
27
5.3k
VelocityConf: Rendering Performance Case Studies
addyosmani
325
24k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
Optimising Largest Contentful Paint
csswizardry
33
2.9k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
48k
Optimizing for Happiness
mojombo
376
70k
Making the Leap to Tech Lead
cromwellryan
133
8.9k
Visualization
eitanlees
145
15k
Designing the Hi-DPI Web
ddemaree
280
34k
Writing Fast Ruby
sferik
627
61k

Transcript

  1. @_devalias #hackFaaSter Hack FaaSter Leveraging Docker and OpenFaaS for fun

    and offensive (security) profit.

  2. @_devalias #hackFaaSter Who am I? u Glenn ‘devalias’ Grant u

    http://devalias.net/ u https://twitter.com/_devalias u https://github.com/0xdevalias u https://www.linkedin.com/in/glenn-devalias-grant/ u Penetration Tester @ TSS u Polyglot Developer u And a few other things.. u Biohacker, Bulletproof Coach, Snowboarder, Scuba, Skydiver..

  3. @_devalias #hackFaaSter What is Docker? u https://www.docker.com/ u Container: Lightweight

    ‘virtualisation’, shared kernel u Data is layered, layers are shared u Alpine Linux base image < 5mb! u DevOps: Clusters, deployment, static enviroments.. u Me: Toolkit on every box with no more system clutter! u docker run --rm devalias/gobuster –h

  4. @_devalias #hackFaaSter A FaaS intro to Serverless u Still uses

    servers, they’re just #InTheCloud™ (and somebody else’s problem) u While we’re ditching servers, let’s drop the frameworks too! u Function as a Service (FaaS) u Decompose applications into individual functions and microservices

  5. @_devalias #hackFaaSter OpenFaaS u https://www.openfaas.com/ u “Serverless Functions Made Simple”

    u Run ‘cloud functions’ locally, with the full power of Docker u faas-cli build –f https://hakt.us/funcs.yml u faas-cli deploy –f https://hakt.us/funcs.yml u echo “Hack” | faas-cli invoke TheGibson > /root/.workspace/.garbage

  6. @_devalias #hackFaaSter Workshop u “I’m too young to die” (Easy

    Mode, recommended) u We’ll use the free online ‘Play with Docker’ environment u https://github.com/0xdevalias/hack-FaaSter u “Hey, not too rough” (Medium Mode) u Install Docker (Community Edition) locally, then play along u Mac should be straightforward, Windows is more of a challenge because Hyper-V u “Nightmare” (Hard Mode) u I don’t need no instructions! I’ll do it myself! u Docker, OpenFaaS, OpenFaaS CLI.. You’re on your own now.

  7. @_devalias #hackFaaSter Upcoming Talks u CSides Canberra u “Gophers, whales

    and.. clouds? Oh my!” v0.2-alpha u Friday, November 17, 2017 (~6pm) u http://www.bsidesau.com.au/csides.html u BSides Wellington u “Gophers, whales and.. clouds? Oh my!” u Thursday, November 23, 2017 (3:30pm - 4:00pm) u http://bit.ly/BSidesWLG-devalias

  8. @_devalias #hackFaaSter Resources u Docker u https://www.docker.com/ u OpenFaaS u

    https://www.openfaas.com/ u https://github.com/openfaas/faas u https://github.com/openfaas/faas-cli u Community Functions: https://github.com/faas-and-furious u Blogs & Talks: https://github.com/openfaas/faas/blob/master/community.md