Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Git for Security Professionals

Ian Lee
September 25, 2020
Technology
0
380

Intro to Git for Security Professionals

This workshop is to provide an overview and introduction to the version control system Git. This workshop will help provide an introduction to security professionals that may have no background in software development, that would like to start using their favorite open source tool, or even more, to find ways to contribute back.

Ian Lee

September 25, 2020
Tweet

More Decks by Ian Lee

See All by Ian Lee
Building DevOps into HPC System Administration
ianlee1521
0
19
Keeping It All Safe: LLNL HPC Security Architecture
ianlee1521
0
39
Development of the TOSS 4 STIG
ianlee1521
0
63
You Must Unlearn What You Have Learned
ianlee1521
0
36
SC21: Addressing Cybersecurity Standards / Policies in HPC Environments
ianlee1521
0
43
Intro to Git for Security Professionals - WWHF WW 2021
ianlee1521
0
92
Releasing Your First (Python) Open Source Project to the Masses!
ianlee1521
0
230
2020 LLNL Computing Virtual Expo
ianlee1521
0
190
Computing 101 - Software Engineering
ianlee1521
0
200

Other Decks in Technology

See All in Technology
沖縄観光、名物を一挙紹介!
bumptakayuki
PRO
0
140
[PHPカンファレンス沖縄2023]【実践編】良いプロダクト作りのための組織育成 健全なコードは健全な組織、健全なチームから
ikezoemakoto
0
180
YouTubeへのライブ配信機能をリリースするまで
yurihondo
0
770
JPOUG#7 Oracle Database 23c New Features
nori_shinoda
1
780
KARTEのAPIサーバ化
line_developers
PRO
1
200
自作WASMランタイムをKernelに改造する試み.pdf
riru
2
460
著作権とは何か?〜初歩的概念から権利利用法、侵害要件まで
line_developers
PRO
4
740
バクラクのAI-OCR機能を支えるアノテーションの仕組み
tomoaki25
1
310
全世界1,800万人が利用する「家族アルバム みてね」におけるNew Relic活用法 / FutureStack Tokyo 2023
isaoshimizu
1
180
Building smarter apps with machine learning, from magic to reality
picardparis
4
3.6k
DDD e Team Topologies como estes conceitos podem te dar pistas de como montar seus times de engenharia!!!
claudioed
2
240
MagicPodで実現するE2Eテスト自動化
nozomiito
0
140

Featured

See All Featured
We Have a Design System, Now What?
morganepeng
40
6.3k
Fontdeck: Realign not Redesign
paulrobertlloyd
74
4.6k
GitHub's CSS Performance
jonrohan
1021
440k
How STYLIGHT went responsive
nonsquared
89
4.4k
Fashionably flexible responsive web design (full day workshop)
malarkey
395
64k
For a Future-Friendly Web
brad_frost
168
8.2k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
16
1.4k
A designer walks into a library…
pauljervisheath
199
17k
Learning to Love Humans: Emotional Interface Design
aarron
265
38k
Designing with Data
zakiwarfel
93
4.5k
Why You Should Never Use an ORM
jnunemaker
PRO
49
8.2k
Docker and Python
trallard
31
2.3k

Transcript

  1. LLNL-PRES-698283
    This work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory
    under contract DE-AC52-07NA27344. Lawrence Livermore National Security, LLC
    Intro to Git for Security Professionals
    Wild West Hackin’ Fest 2020
    Ian Lee
    @IanLee1521

    View Slide

  2. LLNL-PRES-698283
    2
    ▪ Computer Engineer
    — 2010 – 2015: Primarily Software Development
    • Python, Web, (some) System Administration
    — 2016 – Present: Cyber Security
    • 2016 – Present: Cyber Assessment Coordinator
    – Red team on super computers
    • 2018 – Present: Alternate Organization ISSO
    ▪ @IanLee1521
    — twitter.com/IanLee1521
    — github.com/IanLee1521
    — speakerdeck.com/IanLee1521
    — On Discord: IanLee1521
    ▪ “Leave things better than you find them”
    Who Am I ?

    View Slide

  3. LLNL-PRES-698283
    3
    ▪ Roughly first half:
    — Covering the Git basics
    ▪ Second half:
    — Actually doing some stuff with Git
    Schedule

    View Slide

  4. LLNL-PRES-698283
    4
    What is version control?
    http://smutch.github.io/VersionControlTutorial/

    View Slide

  5. LLNL-PRES-698283
    5
    Can’t I just have the version in the name?
    https://www.datamation.com/news/tech-comics-version-control-1.html

    View Slide

  6. LLNL-PRES-698283
    6
    Common Version Control Tools

    View Slide

  7. LLNL-PRES-698283
    7
    Fear of Git
    If that doesn't fix it, git.txt contains the
    phone number of a friend of mine who
    understands git. Just wait through a few
    minutes of 'It's really pretty simple, just
    think of branches as...' and eventually
    you'll learn the commands that will fix
    everything.
    https://xkcd.com/1597/

    View Slide

  8. LLNL-PRES-698283
    8
    ▪ Required
    — $ git config --global user.name “Ian Lee”
    — $ git config --global user.email “[email protected]
    ▪ Optional (but recommended)
    — $ git config --global color.ui true
    — $ git config --global credential.helper “cache --timeout=43200”
    — $ git config --global push.default simple
    ▪ For this course
    — $ git config --global core.pager cat
    Configuring Git: `man git-config`

    View Slide

  9. LLNL-PRES-698283
    9
    A Word About Branch Names
    https://www.bcadoption.com/resources/articles/adoption-friendly-family-trees

    View Slide

  10. LLNL-PRES-698283
    10
    ▪ git init (create the repo)
    ▪ git add (add files / changes)
    ▪ git status (check status)
    ▪ git commit (save changes)
    Gitting Started

    View Slide

  11. LLNL-PRES-698283
    11
    Creating a new repo: `git init`

    View Slide

  12. LLNL-PRES-698283
    12
    Seeing what’s changed: `git status`

    View Slide

  13. LLNL-PRES-698283
    13
    Tracking a new file: `git add `

    View Slide

  14. LLNL-PRES-698283
    14
    Initial commit: `git commit -m “” `

    View Slide

  15. LLNL-PRES-698283
    15
    Good Commit Messages
    Merge branch 'asdfasjkfdlas/alkdjf' into
    sdkjfls-final
    https://xkcd.com/1296/

    View Slide

  16. LLNL-PRES-698283
    16
    ▪ git diff (changes)
    ▪ git show (commit details)
    Understanding your changes

    View Slide

  17. LLNL-PRES-698283
    17
    Making changes: `git diff [] [--] []`

    View Slide

  18. LLNL-PRES-698283
    18
    Making changes: `git diff [] [--] []`

    View Slide

  19. LLNL-PRES-698283
    19
    Committing All Changes: `git commit -a -m””`

    View Slide

  20. LLNL-PRES-698283
    20
    Staged vs not staged vs untracked

    View Slide

  21. LLNL-PRES-698283
    21
    Staged vs not staged vs untracked

    View Slide

  22. LLNL-PRES-698283
    22
    Staged vs not staged vs untracked

    View Slide

  23. LLNL-PRES-698283
    23
    Staged vs not staged vs untracked

    View Slide

  24. LLNL-PRES-698283
    24
    Staged vs not staged vs untracked

    View Slide

  25. LLNL-PRES-698283
    25
    Visualizing Changes: `git show [reference]`

    View Slide

  26. LLNL-PRES-698283
    26
    ▪ git log (linear history)
    ▪ tig (commandline gui)
    ▪ gitk (universal gui)
    ▪ Sourcetree (sports car gui)
    ▪ Git Graph / VS Code (plugin to VS Code)
    Viewing the history

    View Slide

  27. LLNL-PRES-698283
    27
    Visualizing Changes: `git log`

    View Slide

  28. LLNL-PRES-698283
    28
    Visualizing Changes: `git log` - advanced

    View Slide

  29. LLNL-PRES-698283
    29
    Visualizing Changes: `tig`

    View Slide

  30. LLNL-PRES-698283
    30
    Visualizing Changes: `gitk [--all]`

    View Slide

  31. LLNL-PRES-698283
    31
    Visualizing Changes: SourceTree (Mac + Windows only)

    View Slide

  32. LLNL-PRES-698283
    32
    Visualizing Changes: VS Code – Git Graph
    https://marketplace.visualstudio.com/items?itemName=mhutchie.git-graph

    View Slide

  33. LLNL-PRES-698283
    33
    Branches (and tags) are like sticky notes

    View Slide

  34. LLNL-PRES-698283
    34
    Git Flow
    https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

    View Slide

  35. LLNL-PRES-698283
    35
    Git Flow: Main Branches
    https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

    View Slide

  36. LLNL-PRES-698283
    36
    Git Flow: Feature Branches
    https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

    View Slide

  37. LLNL-PRES-698283
    37
    Git Flow: Release Branches
    https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

    View Slide

  38. LLNL-PRES-698283
    38
    Git Flow: Maintenance Branches
    https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

    View Slide

  39. LLNL-PRES-698283
    39
    DEMO
    https://git-school.github.io/visualizing-git/

    View Slide

  40. LLNL-PRES-698283
    40
    Working with remotes

    View Slide

  41. LLNL-PRES-698283
    41
    DEMO
    https://git-school.github.io/visualizing-
    git/#free-remote
    Working with Remotes

    View Slide

  42. LLNL-PRES-698283
    42
    ▪ Git Tutorials
    — https://try.github.io/
    — http://learngitbranching.js.org/
    — https://www.atlassian.com/git/
    ▪ Commandline help
    — $ man git
    — $ git –help
    ▪ This talk
    — https://speakerdeck.com/ianlee1521/intro-to-git-for-security-professionals
    Getting Help

    View Slide

  43. LLNL-PRES-698283
    43
    5 minute break
    (I’ll check in Discord for anyone needing help)

    View Slide

  44. LLNL-PRES-698283
    44
    Code Hosting Platforms

    View Slide

  45. LLNL-PRES-698283
    45
    Setting Up SSH Keys
    https://github.com/settings/keys

    View Slide

  46. LLNL-PRES-698283
    46
    Let’s Git To It!

    View Slide

  47. LLNL-PRES-698283
    47
    ▪ Reading
    https://adhdproject.github.io/#!WWHF/2020/Deadwood/Intro_WWHF2020_Deadw
    ood.md and found a link that isn’t rendering
    ▪ https://github.com/adhdproject/adhdproject.github.io/blob/master/WWHF/2020/D
    eadwood/Intro_WWHF2020_Deadwood.md
    WWHF 2020 ADHD Labs

    View Slide

  48. LLNL-PRES-698283
    48
    ▪ https://github.com/activecm/rita
    ▪ Reading the documentation, found a bug in the docs
    (https://github.com/activecm/rita/blob/master/docs/Docker%20Usage.md#running-
    rita-with-docker-compose)
    ACM RITA

    View Slide

  49. LLNL-PRES-698283
    49
    Click Here
    http://smutch.github.io/VersionControlTutorial/

    View Slide

  50. LLNL-PRES-698283
    50

    View Slide

  51. LLNL-PRES-698283
    51

    View Slide

  52. LLNL-PRES-698283
    52
    ▪ https://pages.github.com/
    ▪ Easy way to start a website
    ▪ Uses Jekyll (https://jekyllrb.com/)
    ▪ All on top of Git, Hosted by GitHub
    ▪ Example:
    — https://github.com/ianlee1521/ianlee1521.github.io
    — Becomes https://ianlee1521.com
    Build your own website with GitHub Pages

    View Slide

  53. LLNL-PRES-698283
    53
    ▪ https://github.com/activecm/rita
    — Documentation updates?
    ▪ https://github.com/gentilkiwi/mimikatz
    — Add LICENSE file?
    ▪ https://github.com/rapid7/metasploit-framework
    — Add a new exploit?
    ▪ https://github.com/byt3bl33d3r/CrackMapExec
    — Maybe consider adding some CI testing ?
    Security Tools

    View Slide

  54. LLNL-PRES-698283
    54
    ▪ https://github.com/adhdproject/awesome-active-defense
    ▪ https://github.com/juliocesarfort/public-pentesting-reports
    ▪ https://github.com/sbilly/awesome-security
    ▪ https://github.com/onlurking/awesome-infosec
    ▪ https://github.com/joe-shenouda/awesome-cyber-skills
    ▪ https://github.com/fabacab/awesome-cybersecurity-blueteam
    ▪ https://github.com/meirwah/awesome-incident-response
    ”Awesome” Lists

    View Slide

  55. LLNL-PRES-698283
    55
    ▪ I strongly encourage you to start any code / documentation / note projects with
    `git init `
    ▪ Even if you NEVER intend to share it with anyone, anywhere, ever!
    ▪ You don’t have to be a “1337 haxor dev” to make a meaningful impact on a project.
    Anything!

    View Slide

  56. Leave things better than you found them.
    Thank You!
    $ cat git.txt
    Ian Lee – @IanLee1521
    Disclaimer
    This document was prepared as an account of work sponsored by an agency of the United States government. Neither
    the United States government nor Lawrence Livermore National Security, LLC, nor any of their employees makes any
    warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or
    usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe
    privately owned rights. Reference herein to any specific commercial product, process, or service by trade name,
    trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or
    favoring by the United States government or Lawrence Livermore National Security, LLC. The views and opinions of
    authors expressed herein do not necessarily state or reflect those of the United States government or Lawrence
    Livermore National Security, LLC, and shall not be used for advertising or product endorsement purposes.

    View Slide

  57. LLNL-PRES-698283
    57
    ▪ Git checkout
    ▪ Git branch
    Making Changes

    View Slide

  58. LLNL-PRES-698283
    58
    Making Mistakes

    View Slide

  59. LLNL-PRES-698283
    59
    Making Mistakes

    View Slide

  60. LLNL-PRES-698283
    60
    Discarding Changes: `git checkout [reference] -- `

    View Slide

  61. LLNL-PRES-698283
    61
    Doing some work

    View Slide

  62. LLNL-PRES-698283
    62
    Doing some work

    View Slide

  63. LLNL-PRES-698283
    63
    Starting to branch out: `git checkout -b `

    View Slide

  64. LLNL-PRES-698283
    64
    Starting to branch out: `git checkout -b `

    View Slide

  65. LLNL-PRES-698283
    65
    Starting to branch out: `git checkout -b `

    View Slide

  66. LLNL-PRES-698283
    66
    Branches: `git branch`

    View Slide

  67. LLNL-PRES-698283
    67
    Renaming a branch: `git branch -m `

    View Slide

  68. LLNL-PRES-698283
    68
    Creating new branches: `git branch `

    View Slide

  69. LLNL-PRES-698283
    69
    Creating new branches: `git branch `

    View Slide

  70. LLNL-PRES-698283
    70
    Switching branches: `git checkout `

    View Slide

  71. LLNL-PRES-698283
    71
    Tangent: The “HEAD” branch

    View Slide

  72. LLNL-PRES-698283
    72
    Deleting branches: `git branch -d `

    View Slide

  73. LLNL-PRES-698283
    73
    REALLY deleting branches: `git branch -D `

    View Slide

  74. LLNL-PRES-698283
    74
    Working on Master

    View Slide

  75. LLNL-PRES-698283
    75
    Divergence when working on multiple branches

    View Slide

  76. LLNL-PRES-698283
    76
    Merging branches: `git merge `

    View Slide

  77. LLNL-PRES-698283
    77
    Undo: `git reset --hard `

    View Slide

  78. LLNL-PRES-698283
    78
    Undo: `git reset `

    View Slide

  79. LLNL-PRES-698283
    79
    Undo: `git reset `

    View Slide

  80. LLNL-PRES-698283
    80
    Current State: We’ll come back to this...

    View Slide

  81. LLNL-PRES-698283
    81
    ▪ Git clone
    ▪ Git remote
    ▪ Git fetch
    Remotes

    View Slide

  82. LLNL-PRES-698283
    82
    Starting from existing: `git clone `

    View Slide

  83. LLNL-PRES-698283
    83
    Listing the remotes: `git remote -v`

    View Slide

  84. LLNL-PRES-698283
    84
    master vs origin/master

    View Slide

  85. LLNL-PRES-698283
    85
    Adding a remote: `git remote add `

    View Slide

  86. LLNL-PRES-698283
    86
    Where is origin-ssh?

    View Slide

  87. LLNL-PRES-698283
    87
    Fetching remotes: `git fetch `

    View Slide

  88. LLNL-PRES-698283
    88
    master vs origin/master vs origin-ssh/master

    View Slide

  89. LLNL-PRES-698283
    89
    Forgetting a remote: `git remote rm `

    View Slide

  90. LLNL-PRES-698283
    90
    Creating something new: `git checkout -b `

    View Slide

  91. LLNL-PRES-698283
    91
    Creating something new: `git checkout -b `

    View Slide

  92. LLNL-PRES-698283
    92
    Contributing back: `git push --set-upstream `

    View Slide

  93. LLNL-PRES-698283
    93
    Contributing back: `git push --set-upstream `

    View Slide

  94. LLNL-PRES-698283
    94
    Merging to remote branches

    View Slide

  95. LLNL-PRES-698283
    95
    Pushing to master: `git push [ ]`

    View Slide

  96. LLNL-PRES-698283
    96
    Trimming branches: `git push --delete `

    View Slide

  97. LLNL-PRES-698283
    97
    Trimming branches: `git push --delete `

    View Slide