:: Research ::

Contents


Continuous Integration, Continuous Compromise

Instagram's Million Dollar Bug

Jenkins Google Login Bypass - CVE-2015-5298

BIOS Based Rootkits




Continuous Integration, Continuous Compromise - BSides Vancouver 2017

Intro, Background, Notes, Etc

To come soon!


Files


Presentation Slides
Decryption script for Bamboo stored secrets
Decryption script for Jenkins (new cred format!) stored secrets
Decryption script for TeamCity stored secrets