Charl-alexandre Le Brun Senior Penetration Tester, Desjardins
Charl-Alexandre is a dedicated member of the information security community. With several years of experience as a penetration tester, he is driven by a strong passion for developing innovative tools and techniques that advance the field and contribute to the broader community.
Talk: The OpenGraph diary: Attack path management applied to Ansible
Talks will be streamed on YouTube and Twitch for free.
This presentation will focus on AnsibleHound, a collector that adds Ansible WorX and Ansible Tower attack paths to BloodHound. Additionally, we will conduct a thorough exploration of Ansible exploitation and abuse through attack path management. This will enable both attackers and defenders to identify hybrid attack paths.
Our presentation will provide you with three key takeaways:
- Discovery and offensive knowledge for Ansible exploitation
- Integrate Ansible in the identity surface using AnsibleHound
- Hybrid attack paths exploitation between Active Directory, Ansible and Github