Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Git for Security Professionals

Ian Lee
September 25, 2020
Technology
0
490

Intro to Git for Security Professionals

This workshop is to provide an overview and introduction to the version control system Git. This workshop will help provide an introduction to security professionals that may have no background in software development, that would like to start using their favorite open source tool, or even more, to find ways to contribute back.

Ian Lee

September 25, 2020
Tweet

More Decks by Ian Lee

See All by Ian Lee
DevOps in HPC
ianlee1521
0
54
Monitoring HPC Security at LLNL
ianlee1521
0
110
Pass On What You Have Learned: Deploying to Production
ianlee1521
0
430
Building DevOps into HPC System Administration
ianlee1521
0
79
Keeping It All Safe: LLNL HPC Security Architecture
ianlee1521
0
140
Development of the TOSS 4 STIG
ianlee1521
0
180
You Must Unlearn What You Have Learned
ianlee1521
0
58
SC21: Addressing Cybersecurity Standards / Policies in HPC Environments
ianlee1521
0
96
Intro to Git for Security Professionals - WWHF WW 2021
ianlee1521
0
110

Other Decks in Technology

See All in Technology
透過型SMTPプロキシによる送信メールの可観測性向上: Update Edition / Improved observability of outgoing emails with transparent smtp proxy: Update edition
linyows
2
200
rootlessコンテナのすゝめ - 研究室サーバーでもできる安全なコンテナ管理
kitsuya0828
3
320
TinyGoを使ったVSCode拡張機能実装
askua
2
210
DMARC 対応の話 - MIXI CTO オフィスアワー #04
bbqallstars
1
150
Evangelismo técnico: ¿qué, cómo y por qué?
trishagee
0
320
20241108_CS_LLMMT
shigashiyama
0
270
CysharpのOSS群から見るModern C#の現在地
neuecc
0
770
QAEチームが辿った3年 ボクらが改善業務にスクラムを選んだワケ / 20241108_cloudsign_ques23
bengo4com
0
1.4k
AWS Media Services 最新サービスアップデート 2024
eijikominami
0
140
ISUCONに強くなるかもしれない日々の過ごしかた/Findy ISUCON 2024-11-14
fujiwara3
8
820
元旅行会社の情シス部員が教えるおすすめなre:Inventへの行き方 / What is the most efficient way to re:Invent
naospon
2
320
AWS Lambdaと歩んだ“サーバーレス”と今後 #lambda_10years
yoshidashingo
1
150

Featured

See All Featured
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.3k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
27
2k
GitHub's CSS Performance
jonrohan
1030
460k
Code Reviewing Like a Champion
maltzj
520
39k
Making the Leap to Tech Lead
cromwellryan
133
8.9k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
48k
Become a Pro
speakerdeck
PRO
25
5k
Measuring & Analyzing Core Web Vitals
bluesmoon
3
89
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
5 minutes of I Can Smell Your CMS
philhawksworth
202
19k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2.1k

Transcript

  1. LLNL-PRES-698283 This work was performed under the auspices of the

    U.S. Department of Energy by Lawrence Livermore National Laboratory under contract DE-AC52-07NA27344. Lawrence Livermore National Security, LLC Intro to Git for Security Professionals Wild West Hackin’ Fest 2020 Ian Lee @IanLee1521

  2. LLNL-PRES-698283 2 ▪ Computer Engineer — 2010 – 2015: Primarily

    Software Development • Python, Web, (some) System Administration — 2016 – Present: Cyber Security • 2016 – Present: Cyber Assessment Coordinator – Red team on super computers • 2018 – Present: Alternate Organization ISSO ▪ @IanLee1521 — twitter.com/IanLee1521 — github.com/IanLee1521 — speakerdeck.com/IanLee1521 — On Discord: IanLee1521 ▪ “Leave things better than you find them” Who Am I ?

  3. LLNL-PRES-698283 3 ▪ Roughly first half: — Covering the Git

    basics ▪ Second half: — Actually doing some stuff with Git Schedule

  4. LLNL-PRES-698283 4 What is version control? http://smutch.github.io/VersionControlTutorial/

  5. LLNL-PRES-698283 5 Can’t I just have the version in the

    name? https://www.datamation.com/news/tech-comics-version-control-1.html

  6. LLNL-PRES-698283 6 Common Version Control Tools

  7. LLNL-PRES-698283 7 Fear of Git If that doesn't fix it,

    git.txt contains the phone number of a friend of mine who understands git. Just wait through a few minutes of 'It's really pretty simple, just think of branches as...' and eventually you'll learn the commands that will fix everything. https://xkcd.com/1597/

  8. LLNL-PRES-698283 8 ▪ Required — $ git config --global user.name

    “Ian Lee” — $ git config --global user.email “[email protected]” ▪ Optional (but recommended) — $ git config --global color.ui true — $ git config --global credential.helper “cache --timeout=43200” — $ git config --global push.default simple ▪ For this course — $ git config --global core.pager cat Configuring Git: `man git-config`

  9. LLNL-PRES-698283 9 A Word About Branch Names https://www.bcadoption.com/resources/articles/adoption-friendly-family-trees

  10. LLNL-PRES-698283 10 ▪ git init (create the repo) ▪ git

    add (add files / changes) ▪ git status (check status) ▪ git commit (save changes) Gitting Started

  11. LLNL-PRES-698283 11 Creating a new repo: `git init`

  12. LLNL-PRES-698283 12 Seeing what’s changed: `git status`

  13. LLNL-PRES-698283 13 Tracking a new file: `git add <FILENAME>`

  14. LLNL-PRES-698283 14 Initial commit: `git commit -m “<message>” `

  15. LLNL-PRES-698283 15 Good Commit Messages Merge branch 'asdfasjkfdlas/alkdjf' into sdkjfls-final

    https://xkcd.com/1296/

  16. LLNL-PRES-698283 16 ▪ git diff (changes) ▪ git show (commit

    details) Understanding your changes

  17. LLNL-PRES-698283 17 Making changes: `git diff [<reference>] [--] [<filename>]`

  18. LLNL-PRES-698283 18 Making changes: `git diff [<reference>] [--] [<filename>]`

  19. LLNL-PRES-698283 19 Committing All Changes: `git commit -a -m”<message>”`

  20. LLNL-PRES-698283 20 Staged vs not staged vs untracked

  21. LLNL-PRES-698283 21 Staged vs not staged vs untracked

  22. LLNL-PRES-698283 22 Staged vs not staged vs untracked

  23. LLNL-PRES-698283 23 Staged vs not staged vs untracked

  24. LLNL-PRES-698283 24 Staged vs not staged vs untracked

  25. LLNL-PRES-698283 25 Visualizing Changes: `git show [reference]`

  26. LLNL-PRES-698283 26 ▪ git log (linear history) ▪ tig (commandline

    gui) ▪ gitk (universal gui) ▪ Sourcetree (sports car gui) ▪ Git Graph / VS Code (plugin to VS Code) Viewing the history

  27. LLNL-PRES-698283 27 Visualizing Changes: `git log`

  28. LLNL-PRES-698283 28 Visualizing Changes: `git log` - advanced

  29. LLNL-PRES-698283 29 Visualizing Changes: `tig`

  30. LLNL-PRES-698283 30 Visualizing Changes: `gitk [--all]`

  31. LLNL-PRES-698283 31 Visualizing Changes: SourceTree (Mac + Windows only)

  32. LLNL-PRES-698283 32 Visualizing Changes: VS Code – Git Graph https://marketplace.visualstudio.com/items?itemName=mhutchie.git-graph

  33. LLNL-PRES-698283 33 Branches (and tags) are like sticky notes

  34. LLNL-PRES-698283 34 Git Flow https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  35. LLNL-PRES-698283 35 Git Flow: Main Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  36. LLNL-PRES-698283 36 Git Flow: Feature Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  37. LLNL-PRES-698283 37 Git Flow: Release Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  38. LLNL-PRES-698283 38 Git Flow: Maintenance Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

  39. LLNL-PRES-698283 39 DEMO https://git-school.github.io/visualizing-git/

  40. LLNL-PRES-698283 40 Working with remotes

  41. LLNL-PRES-698283 41 DEMO https://git-school.github.io/visualizing- git/#free-remote Working with Remotes

  42. LLNL-PRES-698283 42 ▪ Git Tutorials — https://try.github.io/ — http://learngitbranching.js.org/ —

    https://www.atlassian.com/git/ ▪ Commandline help — $ man git — $ git –help ▪ This talk — https://speakerdeck.com/ianlee1521/intro-to-git-for-security-professionals Getting Help

  43. LLNL-PRES-698283 43 5 minute break (I’ll check in Discord for

    anyone needing help)

  44. LLNL-PRES-698283 44 Code Hosting Platforms

  45. LLNL-PRES-698283 45 Setting Up SSH Keys https://github.com/settings/keys

  46. LLNL-PRES-698283 46 Let’s Git To It!

  47. LLNL-PRES-698283 47 ▪ Reading https://adhdproject.github.io/#!WWHF/2020/Deadwood/Intro_WWHF2020_Deadw ood.md and found a link

    that isn’t rendering ▪ https://github.com/adhdproject/adhdproject.github.io/blob/master/WWHF/2020/D eadwood/Intro_WWHF2020_Deadwood.md WWHF 2020 ADHD Labs

  48. LLNL-PRES-698283 48 ▪ https://github.com/activecm/rita ▪ Reading the documentation, found a

    bug in the docs (https://github.com/activecm/rita/blob/master/docs/Docker%20Usage.md#running- rita-with-docker-compose) ACM RITA

  49. LLNL-PRES-698283 49 Click Here http://smutch.github.io/VersionControlTutorial/

  50. LLNL-PRES-698283 50

  51. LLNL-PRES-698283 51

  52. LLNL-PRES-698283 52 ▪ https://pages.github.com/ ▪ Easy way to start a

    website ▪ Uses Jekyll (https://jekyllrb.com/) ▪ All on top of Git, Hosted by GitHub ▪ Example: — https://github.com/ianlee1521/ianlee1521.github.io — Becomes https://ianlee1521.com Build your own website with GitHub Pages

  53. LLNL-PRES-698283 53 ▪ https://github.com/activecm/rita — Documentation updates? ▪ https://github.com/gentilkiwi/mimikatz —

    Add LICENSE file? ▪ https://github.com/rapid7/metasploit-framework — Add a new exploit? ▪ https://github.com/byt3bl33d3r/CrackMapExec — Maybe consider adding some CI testing ? Security Tools

  54. LLNL-PRES-698283 54 ▪ https://github.com/adhdproject/awesome-active-defense ▪ https://github.com/juliocesarfort/public-pentesting-reports ▪ https://github.com/sbilly/awesome-security ▪ https://github.com/onlurking/awesome-infosec

    ▪ https://github.com/joe-shenouda/awesome-cyber-skills ▪ https://github.com/fabacab/awesome-cybersecurity-blueteam ▪ https://github.com/meirwah/awesome-incident-response ”Awesome” Lists

  55. LLNL-PRES-698283 55 ▪ I strongly encourage you to start any

    code / documentation / note projects with `git init <my-project>` ▪ Even if you NEVER intend to share it with anyone, anywhere, ever! ▪ You don’t have to be a “1337 haxor dev” to make a meaningful impact on a project. Anything!

  56. Leave things better than you found them. Thank You! $

    cat git.txt Ian Lee – @IanLee1521 Disclaimer This document was prepared as an account of work sponsored by an agency of the United States government. Neither the United States government nor Lawrence Livermore National Security, LLC, nor any of their employees makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States government or Lawrence Livermore National Security, LLC. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC, and shall not be used for advertising or product endorsement purposes.

  57. LLNL-PRES-698283 57 ▪ Git checkout ▪ Git branch Making Changes

  58. LLNL-PRES-698283 58 Making Mistakes

  59. LLNL-PRES-698283 59 Making Mistakes

  60. LLNL-PRES-698283 60 Discarding Changes: `git checkout [reference] -- <FILENAME>`

  61. LLNL-PRES-698283 61 Doing some work

  62. LLNL-PRES-698283 62 Doing some work

  63. LLNL-PRES-698283 63 Starting to branch out: `git checkout -b <branch_name>`

  64. LLNL-PRES-698283 64 Starting to branch out: `git checkout -b <branch_name>`

  65. LLNL-PRES-698283 65 Starting to branch out: `git checkout -b <branch_name>`

  66. LLNL-PRES-698283 66 Branches: `git branch`

  67. LLNL-PRES-698283 67 Renaming a branch: `git branch -m <new_name>`

  68. LLNL-PRES-698283 68 Creating new branches: `git branch <branch_name>`

  69. LLNL-PRES-698283 69 Creating new branches: `git branch <branch_name>`

  70. LLNL-PRES-698283 70 Switching branches: `git checkout <branch_name>`

  71. LLNL-PRES-698283 71 Tangent: The “HEAD” branch

  72. LLNL-PRES-698283 72 Deleting branches: `git branch -d <branch_name>`

  73. LLNL-PRES-698283 73 REALLY deleting branches: `git branch -D <branch_name>`

  74. LLNL-PRES-698283 74 Working on Master

  75. LLNL-PRES-698283 75 Divergence when working on multiple branches

  76. LLNL-PRES-698283 76 Merging branches: `git merge <other_branch>`

  77. LLNL-PRES-698283 77 Undo: `git reset --hard <reference>`

  78. LLNL-PRES-698283 78 Undo: `git reset <reference>`

  79. LLNL-PRES-698283 79 Undo: `git reset <reference>`

  80. LLNL-PRES-698283 80 Current State: We’ll come back to this...

  81. LLNL-PRES-698283 81 ▪ Git clone ▪ Git remote ▪ Git

    fetch Remotes

  82. LLNL-PRES-698283 82 Starting from existing: `git clone <url>`

  83. LLNL-PRES-698283 83 Listing the remotes: `git remote -v`

  84. LLNL-PRES-698283 84 master vs origin/master

  85. LLNL-PRES-698283 85 Adding a remote: `git remote add <alias> <url>`

  86. LLNL-PRES-698283 86 Where is origin-ssh?

  87. LLNL-PRES-698283 87 Fetching remotes: `git fetch <remote>`

  88. LLNL-PRES-698283 88 master vs origin/master vs origin-ssh/master

  89. LLNL-PRES-698283 89 Forgetting a remote: `git remote rm <alias>`

  90. LLNL-PRES-698283 90 Creating something new: `git checkout -b <your oun>`

  91. LLNL-PRES-698283 91 Creating something new: `git checkout -b <your oun>`

  92. LLNL-PRES-698283 92 Contributing back: `git push --set-upstream <remote> <branch>`

  93. LLNL-PRES-698283 93 Contributing back: `git push --set-upstream <remote> <branch>`

  94. LLNL-PRES-698283 94 Merging to remote branches

  95. LLNL-PRES-698283 95 Pushing to master: `git push [<remote> <branch>]`

  96. LLNL-PRES-698283 96 Trimming branches: `git push --delete <remote> <branch>`

  97. LLNL-PRES-698283 97 Trimming branches: `git push --delete <remote> <branch>`