Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Git for Security Professionals

Ian Lee
September 25, 2020

Intro to Git for Security Professionals

This workshop is to provide an overview and introduction to the version control system Git. This workshop will help provide an introduction to security professionals that may have no background in software development, that would like to start using their favorite open source tool, or even more, to find ways to contribute back.

Ian Lee

September 25, 2020

More Decks by Ian Lee

Other Decks in Technology


  1. LLNL-PRES-698283 This work was performed under the auspices of the

    U.S. Department of Energy by Lawrence Livermore National Laboratory under contract DE-AC52-07NA27344. Lawrence Livermore National Security, LLC Intro to Git for Security Professionals Wild West Hackin’ Fest 2020 Ian Lee @IanLee1521
  2. LLNL-PRES-698283 2 ▪ Computer Engineer — 2010 – 2015: Primarily

    Software Development • Python, Web, (some) System Administration — 2016 – Present: Cyber Security • 2016 – Present: Cyber Assessment Coordinator – Red team on super computers • 2018 – Present: Alternate Organization ISSO ▪ @IanLee1521 — twitter.com/IanLee1521 — github.com/IanLee1521 — speakerdeck.com/IanLee1521 — On Discord: IanLee1521 ▪ “Leave things better than you find them” Who Am I ?
  3. LLNL-PRES-698283 3 ▪ Roughly first half: — Covering the Git

    basics ▪ Second half: — Actually doing some stuff with Git Schedule
  4. LLNL-PRES-698283 5 Can’t I just have the version in the

    name? https://www.datamation.com/news/tech-comics-version-control-1.html
  5. LLNL-PRES-698283 7 Fear of Git If that doesn't fix it,

    git.txt contains the phone number of a friend of mine who understands git. Just wait through a few minutes of 'It's really pretty simple, just think of branches as...' and eventually you'll learn the commands that will fix everything. https://xkcd.com/1597/
  6. LLNL-PRES-698283 8 ▪ Required — $ git config --global user.name

    “Ian Lee” — $ git config --global user.email “[email protected]” ▪ Optional (but recommended) — $ git config --global color.ui true — $ git config --global credential.helper “cache --timeout=43200” — $ git config --global push.default simple ▪ For this course — $ git config --global core.pager cat Configuring Git: `man git-config`
  7. LLNL-PRES-698283 10 ▪ git init (create the repo) ▪ git

    add (add files / changes) ▪ git status (check status) ▪ git commit (save changes) Gitting Started
  8. LLNL-PRES-698283 26 ▪ git log (linear history) ▪ tig (commandline

    gui) ▪ gitk (universal gui) ▪ Sourcetree (sports car gui) ▪ Git Graph / VS Code (plugin to VS Code) Viewing the history
  9. LLNL-PRES-698283 42 ▪ Git Tutorials — https://try.github.io/ — http://learngitbranching.js.org/ —

    https://www.atlassian.com/git/ ▪ Commandline help — $ man git — $ git –help ▪ This talk — https://speakerdeck.com/ianlee1521/intro-to-git-for-security-professionals Getting Help
  10. LLNL-PRES-698283 47 ▪ Reading https://adhdproject.github.io/#!WWHF/2020/Deadwood/Intro_WWHF2020_Deadw ood.md and found a link

    that isn’t rendering ▪ https://github.com/adhdproject/adhdproject.github.io/blob/master/WWHF/2020/D eadwood/Intro_WWHF2020_Deadwood.md WWHF 2020 ADHD Labs
  11. LLNL-PRES-698283 48 ▪ https://github.com/activecm/rita ▪ Reading the documentation, found a

    bug in the docs (https://github.com/activecm/rita/blob/master/docs/Docker%20Usage.md#running- rita-with-docker-compose) ACM RITA
  12. LLNL-PRES-698283 52 ▪ https://pages.github.com/ ▪ Easy way to start a

    website ▪ Uses Jekyll (https://jekyllrb.com/) ▪ All on top of Git, Hosted by GitHub ▪ Example: — https://github.com/ianlee1521/ianlee1521.github.io — Becomes https://ianlee1521.com Build your own website with GitHub Pages
  13. LLNL-PRES-698283 53 ▪ https://github.com/activecm/rita — Documentation updates? ▪ https://github.com/gentilkiwi/mimikatz —

    Add LICENSE file? ▪ https://github.com/rapid7/metasploit-framework — Add a new exploit? ▪ https://github.com/byt3bl33d3r/CrackMapExec — Maybe consider adding some CI testing ? Security Tools
  14. LLNL-PRES-698283 54 ▪ https://github.com/adhdproject/awesome-active-defense ▪ https://github.com/juliocesarfort/public-pentesting-reports ▪ https://github.com/sbilly/awesome-security ▪ https://github.com/onlurking/awesome-infosec

    ▪ https://github.com/joe-shenouda/awesome-cyber-skills ▪ https://github.com/fabacab/awesome-cybersecurity-blueteam ▪ https://github.com/meirwah/awesome-incident-response ”Awesome” Lists
  15. LLNL-PRES-698283 55 ▪ I strongly encourage you to start any

    code / documentation / note projects with `git init <my-project>` ▪ Even if you NEVER intend to share it with anyone, anywhere, ever! ▪ You don’t have to be a “1337 haxor dev” to make a meaningful impact on a project. Anything!
  16. Leave things better than you found them. Thank You! $

    cat git.txt Ian Lee – @IanLee1521 Disclaimer This document was prepared as an account of work sponsored by an agency of the United States government. Neither the United States government nor Lawrence Livermore National Security, LLC, nor any of their employees makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States government or Lawrence Livermore National Security, LLC. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC, and shall not be used for advertising or product endorsement purposes.