Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Git for Security Professionals

Ian Lee
September 25, 2020
Technology
0
430

Intro to Git for Security Professionals

This workshop is to provide an overview and introduction to the version control system Git. This workshop will help provide an introduction to security professionals that may have no background in software development, that would like to start using their favorite open source tool, or even more, to find ways to contribute back.

Ian Lee

September 25, 2020
Tweet

More Decks by Ian Lee

See All by Ian Lee
Pass On What You Have Learned: Deploying to Production
ianlee1521
0
240
Building DevOps into HPC System Administration
ianlee1521
0
45
Keeping It All Safe: LLNL HPC Security Architecture
ianlee1521
0
90
Development of the TOSS 4 STIG
ianlee1521
0
120
You Must Unlearn What You Have Learned
ianlee1521
0
51
SC21: Addressing Cybersecurity Standards / Policies in HPC Environments
ianlee1521
0
68
Intro to Git for Security Professionals - WWHF WW 2021
ianlee1521
0
100
Releasing Your First (Python) Open Source Project to the Masses!
ianlee1521
0
260
2020 LLNL Computing Virtual Expo
ianlee1521
0
240

Other Decks in Technology

See All in Technology
Além do else! Categorizando Pokemóns com Pattern Matching no JavaScript
wmsbill
0
600
Azureの基本的な権限管理の勉強会
yhana
0
290
APIファーストなプロダクトマネジメントの実践 〜SaaSus Platformでの例〜 / "Practicing API-First Product Management - An Example with SaaSus Platform
oztick139
0
100
DevOpsメトリクスとアウトカムの接続にトライ!開発プロセスを通して計測できるメトリクスの活用方法
ham0215
2
240
ChatworkのSRE部って実は 半分くらいPlatform Engineering部かもしれない
saramune
0
160
ゼロから始めるVue.jsコミュニティ貢献 / first-vuejs-community-contribution-link-and-motivation
lmi
1
120
Hands-on Gemini, the Google DeepMind LLM
meteatamel
1
110
Meta Quest 3 で動く桜マシマシ WebXR アプリを IBM Cloud Code Engine と Babylon.js で作った話
1ftseabass
PRO
0
120
[新卒向け研修資料] テスト文字列に「うんこ」と入れるな(2024年版)
infiniteloop_inc
4
13k
本当のAWS基礎
toru_kubota
0
510
ワールドカフェI /チューターを改良する / World Café I and Improving the Tutors
ks91
PRO
0
120
TechFeed Experts Night#27 〜 フロントエンドフレームワーク最前線 (Svelte)
baseballyama
1
460

Featured

See All Featured
The MySQL Ecosystem @ GitHub 2015
samlambert
243
12k
Mobile First: as difficult as doing things right
swwweet
216
8.6k
Statistics for Hackers
jakevdp
789
220k
Intergalactic Javascript Robots from Outer Space
tanoku
266
26k
From Idea to $5000 a Month in 5 Months
shpigford
377
45k
The Language of Interfaces
destraynor
151
23k
Imperfection Machines: The Place of Print at Facebook
scottboms
260
12k
Navigating Team Friction
lara
178
13k
Building an army of robots
kneath
300
41k
Put a Button on it: Removing Barriers to Going Fast.
kastner
58
3k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
2
3.4k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
227
16k

Transcript

  1. LLNL-PRES-698283 This work was performed under the auspices of the

    U.S. Department of Energy by Lawrence Livermore National Laboratory under contract DE-AC52-07NA27344. Lawrence Livermore National Security, LLC Intro to Git for Security Professionals Wild West Hackin’ Fest 2020 Ian Lee @IanLee1521

  2. LLNL-PRES-698283 2 ▪ Computer Engineer — 2010 – 2015: Primarily

    Software Development • Python, Web, (some) System Administration — 2016 – Present: Cyber Security • 2016 – Present: Cyber Assessment Coordinator – Red team on super computers • 2018 – Present: Alternate Organization ISSO ▪ @IanLee1521 — twitter.com/IanLee1521 — github.com/IanLee1521 — speakerdeck.com/IanLee1521 — On Discord: IanLee1521 ▪ “Leave things better than you find them” Who Am I ?

  3. LLNL-PRES-698283 3 ▪ Roughly first half: — Covering the Git

    basics ▪ Second half: — Actually doing some stuff with Git Schedule

  4. LLNL-PRES-698283 4 What is version control? http://smutch.github.io/VersionControlTutorial/

  5. LLNL-PRES-698283 5 Can’t I just have the version in the

    name? https://www.datamation.com/news/tech-comics-version-control-1.html

  6. LLNL-PRES-698283 6 Common Version Control Tools

  7. LLNL-PRES-698283 7 Fear of Git If that doesn't fix it,

    git.txt contains the phone number of a friend of mine who understands git. Just wait through a few minutes of 'It's really pretty simple, just think of branches as...' and eventually you'll learn the commands that will fix everything. https://xkcd.com/1597/

  8. LLNL-PRES-698283 8 ▪ Required — $ git config --global user.name

    “Ian Lee” — $ git config --global user.email “[email protected]” ▪ Optional (but recommended) — $ git config --global color.ui true — $ git config --global credential.helper “cache --timeout=43200” — $ git config --global push.default simple ▪ For this course — $ git config --global core.pager cat Configuring Git: `man git-config`

  9. LLNL-PRES-698283 9 A Word About Branch Names https://www.bcadoption.com/resources/articles/adoption-friendly-family-trees

  10. LLNL-PRES-698283 10 ▪ git init (create the repo) ▪ git

    add (add files / changes) ▪ git status (check status) ▪ git commit (save changes) Gitting Started

  11. LLNL-PRES-698283 11 Creating a new repo: `git init`

  12. LLNL-PRES-698283 12 Seeing what’s changed: `git status`

  13. LLNL-PRES-698283 13 Tracking a new file: `git add <FILENAME>`

  14. LLNL-PRES-698283 14 Initial commit: `git commit -m “<message>” `

  15. LLNL-PRES-698283 15 Good Commit Messages Merge branch 'asdfasjkfdlas/alkdjf' into sdkjfls-final

    https://xkcd.com/1296/

  16. LLNL-PRES-698283 16 ▪ git diff (changes) ▪ git show (commit

    details) Understanding your changes

  17. LLNL-PRES-698283 17 Making changes: `git diff [<reference>] [--] [<filename>]`

  18. LLNL-PRES-698283 18 Making changes: `git diff [<reference>] [--] [<filename>]`

  19. LLNL-PRES-698283 19 Committing All Changes: `git commit -a -m”<message>”`

  20. LLNL-PRES-698283 20 Staged vs not staged vs untracked

  21. LLNL-PRES-698283 21 Staged vs not staged vs untracked

  22. LLNL-PRES-698283 22 Staged vs not staged vs untracked

  23. LLNL-PRES-698283 23 Staged vs not staged vs untracked

  24. LLNL-PRES-698283 24 Staged vs not staged vs untracked

  25. LLNL-PRES-698283 25 Visualizing Changes: `git show [reference]`

  26. LLNL-PRES-698283 26 ▪ git log (linear history) ▪ tig (commandline

    gui) ▪ gitk (universal gui) ▪ Sourcetree (sports car gui) ▪ Git Graph / VS Code (plugin to VS Code) Viewing the history

  27. LLNL-PRES-698283 27 Visualizing Changes: `git log`

  28. LLNL-PRES-698283 28 Visualizing Changes: `git log` - advanced

  29. LLNL-PRES-698283 29 Visualizing Changes: `tig`

  30. LLNL-PRES-698283 30 Visualizing Changes: `gitk [--all]`

  31. LLNL-PRES-698283 31 Visualizing Changes: SourceTree (Mac + Windows only)

  32. LLNL-PRES-698283 32 Visualizing Changes: VS Code – Git Graph https://marketplace.visualstudio.com/items?itemName=mhutchie.git-graph

  33. LLNL-PRES-698283 33 Branches (and tags) are like sticky notes

  34. LLNL-PRES-698283 34 Git Flow https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  35. LLNL-PRES-698283 35 Git Flow: Main Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  36. LLNL-PRES-698283 36 Git Flow: Feature Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  37. LLNL-PRES-698283 37 Git Flow: Release Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  38. LLNL-PRES-698283 38 Git Flow: Maintenance Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  39. LLNL-PRES-698283 39 DEMO https://git-school.github.io/visualizing-git/

  40. LLNL-PRES-698283 40 Working with remotes

  41. LLNL-PRES-698283 41 DEMO https://git-school.github.io/visualizing- git/#free-remote Working with Remotes

  42. LLNL-PRES-698283 42 ▪ Git Tutorials — https://try.github.io/ — http://learngitbranching.js.org/ —

    https://www.atlassian.com/git/ ▪ Commandline help — $ man git — $ git –help ▪ This talk — https://speakerdeck.com/ianlee1521/intro-to-git-for-security-professionals Getting Help

  43. LLNL-PRES-698283 43 5 minute break (I’ll check in Discord for

    anyone needing help)

  44. LLNL-PRES-698283 44 Code Hosting Platforms

  45. LLNL-PRES-698283 45 Setting Up SSH Keys https://github.com/settings/keys

  46. LLNL-PRES-698283 46 Let’s Git To It!

  47. LLNL-PRES-698283 47 ▪ Reading https://adhdproject.github.io/#!WWHF/2020/Deadwood/Intro_WWHF2020_Deadw ood.md and found a link

    that isn’t rendering ▪ https://github.com/adhdproject/adhdproject.github.io/blob/master/WWHF/2020/D eadwood/Intro_WWHF2020_Deadwood.md WWHF 2020 ADHD Labs

  48. LLNL-PRES-698283 48 ▪ https://github.com/activecm/rita ▪ Reading the documentation, found a

    bug in the docs (https://github.com/activecm/rita/blob/master/docs/Docker%20Usage.md#running- rita-with-docker-compose) ACM RITA

  49. LLNL-PRES-698283 49 Click Here http://smutch.github.io/VersionControlTutorial/

  50. LLNL-PRES-698283 50

  51. LLNL-PRES-698283 51

  52. LLNL-PRES-698283 52 ▪ https://pages.github.com/ ▪ Easy way to start a

    website ▪ Uses Jekyll (https://jekyllrb.com/) ▪ All on top of Git, Hosted by GitHub ▪ Example: — https://github.com/ianlee1521/ianlee1521.github.io — Becomes https://ianlee1521.com Build your own website with GitHub Pages

  53. LLNL-PRES-698283 53 ▪ https://github.com/activecm/rita — Documentation updates? ▪ https://github.com/gentilkiwi/mimikatz —

    Add LICENSE file? ▪ https://github.com/rapid7/metasploit-framework — Add a new exploit? ▪ https://github.com/byt3bl33d3r/CrackMapExec — Maybe consider adding some CI testing ? Security Tools

  54. LLNL-PRES-698283 54 ▪ https://github.com/adhdproject/awesome-active-defense ▪ https://github.com/juliocesarfort/public-pentesting-reports ▪ https://github.com/sbilly/awesome-security ▪ https://github.com/onlurking/awesome-infosec

    ▪ https://github.com/joe-shenouda/awesome-cyber-skills ▪ https://github.com/fabacab/awesome-cybersecurity-blueteam ▪ https://github.com/meirwah/awesome-incident-response ”Awesome” Lists

  55. LLNL-PRES-698283 55 ▪ I strongly encourage you to start any

    code / documentation / note projects with `git init <my-project>` ▪ Even if you NEVER intend to share it with anyone, anywhere, ever! ▪ You don’t have to be a “1337 haxor dev” to make a meaningful impact on a project. Anything!

  56. Leave things better than you found them. Thank You! $

    cat git.txt Ian Lee – @IanLee1521 Disclaimer This document was prepared as an account of work sponsored by an agency of the United States government. Neither the United States government nor Lawrence Livermore National Security, LLC, nor any of their employees makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States government or Lawrence Livermore National Security, LLC. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC, and shall not be used for advertising or product endorsement purposes.

  57. LLNL-PRES-698283 57 ▪ Git checkout ▪ Git branch Making Changes

  58. LLNL-PRES-698283 58 Making Mistakes

  59. LLNL-PRES-698283 59 Making Mistakes

  60. LLNL-PRES-698283 60 Discarding Changes: `git checkout [reference] -- <FILENAME>`

  61. LLNL-PRES-698283 61 Doing some work

  62. LLNL-PRES-698283 62 Doing some work

  63. LLNL-PRES-698283 63 Starting to branch out: `git checkout -b <branch_name>`

  64. LLNL-PRES-698283 64 Starting to branch out: `git checkout -b <branch_name>`

  65. LLNL-PRES-698283 65 Starting to branch out: `git checkout -b <branch_name>`

  66. LLNL-PRES-698283 66 Branches: `git branch`

  67. LLNL-PRES-698283 67 Renaming a branch: `git branch -m <new_name>`

  68. LLNL-PRES-698283 68 Creating new branches: `git branch <branch_name>`

  69. LLNL-PRES-698283 69 Creating new branches: `git branch <branch_name>`

  70. LLNL-PRES-698283 70 Switching branches: `git checkout <branch_name>`

  71. LLNL-PRES-698283 71 Tangent: The “HEAD” branch

  72. LLNL-PRES-698283 72 Deleting branches: `git branch -d <branch_name>`

  73. LLNL-PRES-698283 73 REALLY deleting branches: `git branch -D <branch_name>`

  74. LLNL-PRES-698283 74 Working on Master

  75. LLNL-PRES-698283 75 Divergence when working on multiple branches

  76. LLNL-PRES-698283 76 Merging branches: `git merge <other_branch>`

  77. LLNL-PRES-698283 77 Undo: `git reset --hard <reference>`

  78. LLNL-PRES-698283 78 Undo: `git reset <reference>`

  79. LLNL-PRES-698283 79 Undo: `git reset <reference>`

  80. LLNL-PRES-698283 80 Current State: We’ll come back to this...

  81. LLNL-PRES-698283 81 ▪ Git clone ▪ Git remote ▪ Git

    fetch Remotes

  82. LLNL-PRES-698283 82 Starting from existing: `git clone <url>`

  83. LLNL-PRES-698283 83 Listing the remotes: `git remote -v`

  84. LLNL-PRES-698283 84 master vs origin/master

  85. LLNL-PRES-698283 85 Adding a remote: `git remote add <alias> <url>`

  86. LLNL-PRES-698283 86 Where is origin-ssh?

  87. LLNL-PRES-698283 87 Fetching remotes: `git fetch <remote>`

  88. LLNL-PRES-698283 88 master vs origin/master vs origin-ssh/master

  89. LLNL-PRES-698283 89 Forgetting a remote: `git remote rm <alias>`

  90. LLNL-PRES-698283 90 Creating something new: `git checkout -b <your oun>`

  91. LLNL-PRES-698283 91 Creating something new: `git checkout -b <your oun>`

  92. LLNL-PRES-698283 92 Contributing back: `git push --set-upstream <remote> <branch>`

  93. LLNL-PRES-698283 93 Contributing back: `git push --set-upstream <remote> <branch>`

  94. LLNL-PRES-698283 94 Merging to remote branches

  95. LLNL-PRES-698283 95 Pushing to master: `git push [<remote> <branch>]`

  96. LLNL-PRES-698283 96 Trimming branches: `git push --delete <remote> <branch>`

  97. LLNL-PRES-698283 97 Trimming branches: `git push --delete <remote> <branch>`