LLNL-PRES-698283 This work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory under contract DE-AC52-07NA27344. Lawrence Livermore National Security, LLC Intro to Git for Security Professionals Wild West Hackin’ Fest 2020 Ian Lee @IanLee1521 

LLNL-PRES-698283 2 ▪ Computer Engineer — 2010 – 2015: Primarily Software Development • Python, Web, (some) System Administration — 2016 – Present: Cyber Security • 2016 – Present: Cyber Assessment Coordinator – Red team on super computers • 2018 – Present: Alternate Organization ISSO ▪ @IanLee1521 — twitter.com/IanLee1521 — github.com/IanLee1521 — speakerdeck.com/IanLee1521 — On Discord: IanLee1521 ▪ “Leave things better than you find them” Who Am I ? 

LLNL-PRES-698283 3 ▪ Roughly first half: — Covering the Git basics ▪ Second half: — Actually doing some stuff with Git Schedule 

LLNL-PRES-698283 4 What is version control? http://smutch.github.io/VersionControlTutorial/ 

LLNL-PRES-698283 5 Can’t I just have the version in the name? https://www.datamation.com/news/tech-comics-version-control-1.html 

LLNL-PRES-698283 6 Common Version Control Tools 

LLNL-PRES-698283 7 Fear of Git If that doesn't fix it, git.txt contains the phone number of a friend of mine who understands git. Just wait through a few minutes of 'It's really pretty simple, just think of branches as...' and eventually you'll learn the commands that will fix everything. https://xkcd.com/1597/ 

LLNL-PRES-698283 8 ▪ Required — $ git config --global user.name “Ian Lee” — $ git config --global user.email “[email protected]” ▪ Optional (but recommended) — $ git config --global color.ui true — $ git config --global credential.helper “cache --timeout=43200” — $ git config --global push.default simple ▪ For this course — $ git config --global core.pager cat Configuring Git: `man git-config` 

LLNL-PRES-698283 9 A Word About Branch Names https://www.bcadoption.com/resources/articles/adoption-friendly-family-trees 

LLNL-PRES-698283 10 ▪ git init (create the repo) ▪ git add (add files / changes) ▪ git status (check status) ▪ git commit (save changes) Gitting Started 

LLNL-PRES-698283 11 Creating a new repo: `git init` 

LLNL-PRES-698283 12 Seeing what’s changed: `git status` 

LLNL-PRES-698283 13 Tracking a new file: `git add ` 

LLNL-PRES-698283 14 Initial commit: `git commit -m “” ` 

LLNL-PRES-698283 15 Good Commit Messages Merge branch 'asdfasjkfdlas/alkdjf' into sdkjfls-final https://xkcd.com/1296/ 

LLNL-PRES-698283 16 ▪ git diff (changes) ▪ git show (commit details) Understanding your changes 

LLNL-PRES-698283 17 Making changes: `git diff [] [--] []` 

LLNL-PRES-698283 18 Making changes: `git diff [] [--] []` 

LLNL-PRES-698283 19 Committing All Changes: `git commit -a -m””` 

LLNL-PRES-698283 20 Staged vs not staged vs untracked 

LLNL-PRES-698283 21 Staged vs not staged vs untracked 

LLNL-PRES-698283 22 Staged vs not staged vs untracked 

LLNL-PRES-698283 23 Staged vs not staged vs untracked 

LLNL-PRES-698283 24 Staged vs not staged vs untracked 

LLNL-PRES-698283 25 Visualizing Changes: `git show [reference]` 

LLNL-PRES-698283 26 ▪ git log (linear history) ▪ tig (commandline gui) ▪ gitk (universal gui) ▪ Sourcetree (sports car gui) ▪ Git Graph / VS Code (plugin to VS Code) Viewing the history 

LLNL-PRES-698283 27 Visualizing Changes: `git log` 

LLNL-PRES-698283 28 Visualizing Changes: `git log` - advanced 

LLNL-PRES-698283 29 Visualizing Changes: `tig` 

LLNL-PRES-698283 30 Visualizing Changes: `gitk [--all]` 

LLNL-PRES-698283 31 Visualizing Changes: SourceTree (Mac + Windows only) 

LLNL-PRES-698283 32 Visualizing Changes: VS Code – Git Graph https://marketplace.visualstudio.com/items?itemName=mhutchie.git-graph 

LLNL-PRES-698283 33 Branches (and tags) are like sticky notes 

LLNL-PRES-698283 34 Git Flow https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow 

LLNL-PRES-698283 35 Git Flow: Main Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow 

LLNL-PRES-698283 36 Git Flow: Feature Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow 

LLNL-PRES-698283 37 Git Flow: Release Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow 

LLNL-PRES-698283 38 Git Flow: Maintenance Branches https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow 

LLNL-PRES-698283 39 DEMO https://git-school.github.io/visualizing-git/ 

LLNL-PRES-698283 40 Working with remotes 

LLNL-PRES-698283 41 DEMO https://git-school.github.io/visualizing- git/#free-remote Working with Remotes 

LLNL-PRES-698283 42 ▪ Git Tutorials — https://try.github.io/ — http://learngitbranching.js.org/ — https://www.atlassian.com/git/ ▪ Commandline help — $ man git — $ git –help ▪ This talk — https://speakerdeck.com/ianlee1521/intro-to-git-for-security-professionals Getting Help 

LLNL-PRES-698283 43 5 minute break (I’ll check in Discord for anyone needing help) 

LLNL-PRES-698283 44 Code Hosting Platforms 

LLNL-PRES-698283 45 Setting Up SSH Keys https://github.com/settings/keys 

LLNL-PRES-698283 46 Let’s Git To It! 

LLNL-PRES-698283 47 ▪ Reading https://adhdproject.github.io/#!WWHF/2020/Deadwood/Intro_WWHF2020_Deadw ood.md and found a link that isn’t rendering ▪ https://github.com/adhdproject/adhdproject.github.io/blob/master/WWHF/2020/D eadwood/Intro_WWHF2020_Deadwood.md WWHF 2020 ADHD Labs 

LLNL-PRES-698283 48 ▪ https://github.com/activecm/rita ▪ Reading the documentation, found a bug in the docs (https://github.com/activecm/rita/blob/master/docs/Docker%20Usage.md#running- rita-with-docker-compose) ACM RITA 

LLNL-PRES-698283 49 Click Here http://smutch.github.io/VersionControlTutorial/ 

LLNL-PRES-698283 50 

LLNL-PRES-698283 51 

LLNL-PRES-698283 52 ▪ https://pages.github.com/ ▪ Easy way to start a website ▪ Uses Jekyll (https://jekyllrb.com/) ▪ All on top of Git, Hosted by GitHub ▪ Example: — https://github.com/ianlee1521/ianlee1521.github.io — Becomes https://ianlee1521.com Build your own website with GitHub Pages 

LLNL-PRES-698283 53 ▪ https://github.com/activecm/rita — Documentation updates? ▪ https://github.com/gentilkiwi/mimikatz — Add LICENSE file? ▪ https://github.com/rapid7/metasploit-framework — Add a new exploit? ▪ https://github.com/byt3bl33d3r/CrackMapExec — Maybe consider adding some CI testing ? Security Tools 

LLNL-PRES-698283 54 ▪ https://github.com/adhdproject/awesome-active-defense ▪ https://github.com/juliocesarfort/public-pentesting-reports ▪ https://github.com/sbilly/awesome-security ▪ https://github.com/onlurking/awesome-infosec ▪ https://github.com/joe-shenouda/awesome-cyber-skills ▪ https://github.com/fabacab/awesome-cybersecurity-blueteam ▪ https://github.com/meirwah/awesome-incident-response ”Awesome” Lists 

LLNL-PRES-698283 55 ▪ I strongly encourage you to start any code / documentation / note projects with `git init ` ▪ Even if you NEVER intend to share it with anyone, anywhere, ever! ▪ You don’t have to be a “1337 haxor dev” to make a meaningful impact on a project. Anything! 

Leave things better than you found them. Thank You! $ cat git.txt Ian Lee – @IanLee1521 Disclaimer This document was prepared as an account of work sponsored by an agency of the United States government. Neither the United States government nor Lawrence Livermore National Security, LLC, nor any of their employees makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States government or Lawrence Livermore National Security, LLC. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States government or Lawrence Livermore National Security, LLC, and shall not be used for advertising or product endorsement purposes. 

LLNL-PRES-698283 57 ▪ Git checkout ▪ Git branch Making Changes 

LLNL-PRES-698283 58 Making Mistakes 

LLNL-PRES-698283 59 Making Mistakes 

LLNL-PRES-698283 60 Discarding Changes: `git checkout [reference] -- ` 

LLNL-PRES-698283 61 Doing some work 

LLNL-PRES-698283 62 Doing some work 

LLNL-PRES-698283 63 Starting to branch out: `git checkout -b ` 

LLNL-PRES-698283 64 Starting to branch out: `git checkout -b ` 

LLNL-PRES-698283 65 Starting to branch out: `git checkout -b ` 

LLNL-PRES-698283 66 Branches: `git branch` 

LLNL-PRES-698283 67 Renaming a branch: `git branch -m ` 

LLNL-PRES-698283 68 Creating new branches: `git branch ` 

LLNL-PRES-698283 69 Creating new branches: `git branch ` 

LLNL-PRES-698283 70 Switching branches: `git checkout ` 

LLNL-PRES-698283 71 Tangent: The “HEAD” branch 

LLNL-PRES-698283 72 Deleting branches: `git branch -d ` 

LLNL-PRES-698283 73 REALLY deleting branches: `git branch -D ` 

LLNL-PRES-698283 74 Working on Master 

LLNL-PRES-698283 75 Divergence when working on multiple branches 

LLNL-PRES-698283 76 Merging branches: `git merge ` 

LLNL-PRES-698283 77 Undo: `git reset --hard ` 

LLNL-PRES-698283 78 Undo: `git reset ` 

LLNL-PRES-698283 79 Undo: `git reset ` 

LLNL-PRES-698283 80 Current State: We’ll come back to this... 

LLNL-PRES-698283 81 ▪ Git clone ▪ Git remote ▪ Git fetch Remotes 

LLNL-PRES-698283 82 Starting from existing: `git clone ` 

LLNL-PRES-698283 83 Listing the remotes: `git remote -v` 

LLNL-PRES-698283 84 master vs origin/master 

LLNL-PRES-698283 85 Adding a remote: `git remote add ` 

LLNL-PRES-698283 86 Where is origin-ssh? 

LLNL-PRES-698283 87 Fetching remotes: `git fetch ` 

LLNL-PRES-698283 88 master vs origin/master vs origin-ssh/master 

LLNL-PRES-698283 89 Forgetting a remote: `git remote rm ` 

LLNL-PRES-698283 90 Creating something new: `git checkout -b ` 

LLNL-PRES-698283 91 Creating something new: `git checkout -b ` 

LLNL-PRES-698283 92 Contributing back: `git push --set-upstream ` 

LLNL-PRES-698283 93 Contributing back: `git push --set-upstream ` 

LLNL-PRES-698283 94 Merging to remote branches 

LLNL-PRES-698283 95 Pushing to master: `git push [ ]` 

LLNL-PRES-698283 96 Trimming branches: `git push --delete ` 

LLNL-PRES-698283 97 Trimming branches: `git push --delete `