tbhaxor
Tagged

forensics

A collection of 3 posts

Exploiting Insecure Docker Registry
docker

Assume you're in a situation where you can't use Docker. How would you use the remote registry to get image FS layers? This guide walks you through using only the curl command to interact with the Docker registry.

Gurkirat Singh Apr 4, 2022 • 4 min read
Hunting for Malicious Binaries and Backdoors in the Running Containers
docker

An attacker might exploit one of the container's services and install malicious apps or a backdoor to regain access to your container later. In this post, you'll learn how to use the "docker diff" plugin to do forensics and incident response on a running Docker container.

Gurkirat Singh Apr 1, 2022 • 5 min read
Analyzing Docker Image for Retrieving Secrets
docker

In this tour, you'll learn how to start a container from a checkpoint to restore its process and memory state, as well as how to use the container-diff tool to analyze exported Docker images.

Gurkirat Singh Mar 29, 2022 • 5 min read