GCP ??? ?? ? ??? ???

Nov 16, 201914 likes10,015 views

DONGMIN LEE

DevFest on Campus 2019 ????

GCP ??? ?? ? ??? ???
???, TmaxSoft
reoim10@gmail.com

???? ?? ??
?? ???? ????? ? ??? ??..
?? ?? ? +@ ? ?? ? ??..

2018? 11? AWS Korea region ??
Multi-vendor ????? ????

??? ???? ? 2 ???? ??? ?? ???? ???
?? ?? . .
AWS + Azure ?
AWS + G C P ?
??? ????? GCP(?????) ??? .

GCP Engineer,
Architect
Position
GCP Engineer,
Architect
Candidates
GCP ??? ??? ???? ?? ????.. ???? ??

?? GCP ???
???
Seoul? ????
42?
???? ? ??

2? GCP Associate Cloud Engineer ??
4? GCP Professional Data Engineer ??
5? GCP Professional Cloud Architect ??
7? GCP Professional Network Engineer ??

?? ?? ??
???? CLOUD ??? - ?????
???? Data Engineering ??? - Google Cloud Next 19 Extended Korea
GCP Certi?cations - Google Cloud NEXT RECAP
2019 ?? ???? Completion ceremony ?? ?? ??
Toy Project? ???? ?? ? - DevFest Seoul 2019
GCP Certi?cations - Google Cloud Summit 2019

??? ?? ??
???? + ?? + ?? ?? ??? ??? ?? - ?? 47% ??
Google Cloud Customer Engineer ??? - ??? ??
?? ??? ?? 1? ???? - ?? ??
100?? ???? PropTech ???? - ?? ??
???? ?? - ?? ??
????? - ??
Amazon Web Services - ??

??? ?? ? ??? ??
??? ??? ???? ?? ???
+ ?? ?? ?? ??? ??? ??
???? ????? 2??(?? ??)

?? ???
?? ??? ???? ??
??? ?? ? ??? ??
?? ??? ??? ??? ????
????? ????? ??

???? ??
Google Developer Group
9X?? ??? ?? (? 8X ?? ???? ??)
?? ??? ?? ????
?????? GCP, AWS, Azure Korea user ??

??, ???? ??
??? ?? ?? ??? ??
???? ?? ???? ??? ??
??? ?? ??? ????? ??
???? ??? ?? ??? ?? ???? ????

?? ??? ?????? ???
?? ???? ? GCP ? ?? ???
?? ??? Github ???? ?? ???

3? ??
GCP ???? ???, ???
+
?? ???
=
?? ??
???

This document discusses using Windows Management Instrumentation (WMI) to create fileless backdoors and persistent implants. It begins with an overview of WMI and its class structure. It then covers duplicating existing WMI classes to hide backdoor methods and storing payloads in WMI properties. The document also introduces creating custom WMI providers using .NET to implement backdoor functionality directly in WMI. It concludes by examining options for registering custom WMI providers, including manually registering through WMI calls to avoid event log warnings. In summary, the document explores abusing WMI's class inheritance and provider models to develop advanced fileless and persistent backdoors on Windows systems.

Advanced nginx in mercari - How to handle over 1,200,000 HTTPS Reqs/MinMasahiro Nagano

??It???? ?? 2?Seong-Bok Lee

[OpenInfra Days Korea 2018] Day 2 - E5: GPU on KubernetesOpenStack Korea Community

I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...DirkjanMollema

Azure AD is everything but a domain controller in the cloud. This talk will cover what Azure AD is, how it is commonly integrated with Active Directory and how security boundaries extend into the cloud, covering sync account password recovery, privilege escalations in Azure AD and full admin account takeovers using limited on-premise privileges. While Active Directory has been researched for years and the security boundaries and risks are generally well documented, more and more organizations are extending their network into the cloud. A prime example of this is Office 365, which Microsoft offers through their Azure cloud. Connecting the on-premise Active Directory with the cloud introduces new attack surface both for the cloud and the on-premise directory. This talk looks at the way the trust between Active Directory and Azure is set up and can be abused through the Azure AD Connect tool. We will take a dive into how the synchronization is set up, how the high-privilege credentials for both the cloud and Active Directory are protected (and can be obtained) and what permissions are associated with these accounts. The talk will outline how a zero day in common setups was discovered through which on-premise users with limited privileges could take over the highest administration account in Azure and potentially compromise all cloud assets. We will also take a look at the Azure AD architecture and common roles, and how attackers could backdoor or escalate privileges in cloud setups. Lastly we will look at how to prevent against these kind of attacks and why your AD Connect server is perhaps one of the most critical assets in the on-premise infrastructure.

[NDC18] ??? ?? ??? - ��??? ?: ???�� ?? ?? ?? ???Chanwoong Kim

Windows Attacks AT is the new blackRob Fuller

This document provides techniques for escalating privileges on Windows systems. It begins with an overview of tricks that can grant escalated privileges to users or administrators. Specific techniques discussed include exploiting misconfigurations, using keyloggers, searching for credentials on systems, exploiting Group Policy Preferences files, unattended installation files, Windows Deployment Services, binary path modifications, service configuration issues, and registry permissions problems. The document then covers methods for escalating from an administrative user to SYSTEM level privileges like using Metasploit exploits, Sysinternals tools, binary replacement, and WMIC. It concludes with sections on achieving persistence and bypassing authentication.

??? ????Arawn Park

[NDC17] Kubernetes? ???? ??? ????SeungYong Oh

??? TDD 101?? ?

MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...MITRE - ATT&CKcon

Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Quest

F5 SIRT - F5 ASM WAF - DDoS protection Lior Rotkovitch

??? ?? ??? (??)Heungsub Lee

IoT Edge Processing with Apache NiFi and MiniFi and Apache MXNet for IoT NY 2018Timothy Spann

Windows IOCP vs Linux EPOLL Performance ComparisonSeungmo Koo

TF?? ? ???? 9??? ?? : ???? ??? ??? ??Seongyun Byeon

Grafana Mimir and VictoriaMetrics_ Performance Tests.pptxRomanKhavronenko

VictoriaMetrics and Grafana Mimir are time series databases with support of mostly the same protocols and APIs. However, they have different architectures and components, which makes the comparison more complicated. In the talk, we'll go through the details of the benchmark where I compared both solutions. We'll see how VictoriaMetrics and Mimir are dealing with identical workloads and how efficient they��re with using the allocated resources. The talk will cover design and architectural details, weak and strong points, trade-offs, and maintenance complexity of both solutions.?

How to build massive service for advanceDaeMyung Kang

[NDC18] ??? ? ???? ??? ????? ???: ?? ??? ?? ?? ??Hyojun Jeon

??????????????????????? airs???????_?????????????????NAVER D2

F5 DDoS ProtectionMarketingArrowECS_CZ

F5 provides both on-premises and cloud-based DDoS protection solutions. Their hybrid approach mitigates attacks at the network, transport, and application layers using hardware-accelerated detection and filtering of over 110 DDoS vector types. Key capabilities include comprehensive L3-L7 protection, multi-terabit cloud scrubbing, and integration of network firewall and web application firewall technologies to strengthen security and ensure application availability even during large DDoS attacks.

Time-Based Blind SQL Injection using Heavy QueriesChema Alonso

???? CLOUD ???(???)DONGMIN LEE

20190615_??????????_????_????_????BaeJunHyun

More Related Content

What's hot (20)

[OpenInfra Days Korea 2018] Day 2 - E5: GPU on KubernetesOpenStack Korea Community

I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...DirkjanMollema

[NDC18] ??? ?? ??? - ��??? ?: ???�� ?? ?? ?? ???Chanwoong Kim

Windows Attacks AT is the new blackRob Fuller

??? ????Arawn Park

[NDC17] Kubernetes? ???? ??? ????SeungYong Oh

??? TDD 101?? ?

MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...MITRE - ATT&CKcon

Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Quest

F5 SIRT - F5 ASM WAF - DDoS protection Lior Rotkovitch

??? ?? ??? (??)Heungsub Lee

IoT Edge Processing with Apache NiFi and MiniFi and Apache MXNet for IoT NY 2018Timothy Spann

Windows IOCP vs Linux EPOLL Performance ComparisonSeungmo Koo

TF?? ? ???? 9??? ?? : ???? ??? ??? ??Seongyun Byeon

Grafana Mimir and VictoriaMetrics_ Performance Tests.pptxRomanKhavronenko

How to build massive service for advanceDaeMyung Kang

[NDC18] ??? ? ???? ??? ????? ???: ?? ??? ?? ?? ??Hyojun Jeon

??????????????????????? airs???????_?????????????????NAVER D2

F5 DDoS ProtectionMarketingArrowECS_CZ

Time-Based Blind SQL Injection using Heavy QueriesChema Alonso

[OpenInfra Days Korea 2018] Day 2 - E5: GPU on KubernetesOpenStack Korea Community

I'm in your cloud... reading everyone's email. Hacking Azure AD via Active Di...DirkjanMollema

[NDC18] ??? ?? ??? - ��??? ?: ???�� ?? ?? ?? ???Chanwoong Kim

Windows Attacks AT is the new blackRob Fuller

??? ????Arawn Park

[NDC17] Kubernetes? ???? ??? ????SeungYong Oh

??? TDD 101?? ?

MITRE ATT&CKcon 2.0: Zeek-based ATT&CK Metrics and Gap Analysis; Allan Thomso...MITRE - ATT&CKcon

Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Quest

F5 SIRT - F5 ASM WAF - DDoS protection Lior Rotkovitch

??? ?? ??? (??)Heungsub Lee

IoT Edge Processing with Apache NiFi and MiniFi and Apache MXNet for IoT NY 2018Timothy Spann

Windows IOCP vs Linux EPOLL Performance ComparisonSeungmo Koo

TF?? ? ???? 9??? ?? : ???? ??? ??? ??Seongyun Byeon

Grafana Mimir and VictoriaMetrics_ Performance Tests.pptxRomanKhavronenko

How to build massive service for advanceDaeMyung Kang

[NDC18] ??? ? ???? ??? ????? ???: ?? ??? ?? ?? ??Hyojun Jeon

??????????????????????? airs???????_?????????????????NAVER D2

F5 DDoS ProtectionMarketingArrowECS_CZ

Time-Based Blind SQL Injection using Heavy QueriesChema Alonso

Similar to GCP ??? ?? ? ??? ??? (20)

???? CLOUD ???(???)DONGMIN LEE

20190615_??????????_????_????_????BaeJunHyun

Bespinglobal info.pdfMinwookKim15

Golang+on+analytics+and+blockchainNAVER Engineering

Google Cloud NEXT'17 ??Yongyoon Shin

???, ?? ?? ?????? ?? ? - ?? ?? ???? ??? ??, NDC2019devCAT Studio, NEXON

??????? ???? ??? ?? ?? ?? AI ??? ?? - AWS Summit Seoul 2017Amazon Web Services Korea

RPA (ROBOTIC PROCESS AUTOMATION)ssuser9a50211

??? ???? ?? ??? ?: ??? ???? ??? ?? ???Seokjae Lee

100% Serverless big data scale production Deep Learning Systemhoondong kim

E-commerce BigData Scale AI Journeyhoondong kim

??? ???? ?? ?? ???? ??? - ???, ???, AWS AI/ML ?????? ???? ???? / ???, ?????? ...Amazon Web Services Korea

?? ??? AWS-GCP ??.pptxHAJI45

Room.d ????? 3.0 verwkddnjset

[AI & DevOps] BigData Scale Production AI ???? ?? ??? ??? ????hoondong kim

????? AI, ???? ??? ????(NBP CTO ???) - ???????NAVER CLOUD PLATFORM???? ???? ???

AWS? ???? ???? ???? ? ?? ?? - Peter Gallagher ??? ???? ???? ???? ???? ??, AWS...Amazon Web Services Korea

???? AWS?????? ?? ??? 5?? ??? ? :: ??? :: AWS Summit Seoul 2016Amazon Web Services Korea

??? ??? ??? AI ???BESPIN GLOBAL

[????] ????????, ????????? ?????Soojin Lee

???? CLOUD ???(???)DONGMIN LEE

20190615_??????????_????_????_????BaeJunHyun

Bespinglobal info.pdfMinwookKim15

Golang+on+analytics+and+blockchainNAVER Engineering

Google Cloud NEXT'17 ??Yongyoon Shin

???, ?? ?? ?????? ?? ? - ?? ?? ???? ??? ??, NDC2019devCAT Studio, NEXON

??????? ???? ??? ?? ?? ?? AI ??? ?? - AWS Summit Seoul 2017Amazon Web Services Korea

RPA (ROBOTIC PROCESS AUTOMATION)ssuser9a50211

??? ???? ?? ??? ?: ??? ???? ??? ?? ???Seokjae Lee

100% Serverless big data scale production Deep Learning Systemhoondong kim

E-commerce BigData Scale AI Journeyhoondong kim

??? ???? ?? ?? ???? ??? - ???, ???, AWS AI/ML ?????? ???? ???? / ???, ?????? ...Amazon Web Services Korea

?? ??? AWS-GCP ??.pptxHAJI45

Room.d ????? 3.0 verwkddnjset

[AI & DevOps] BigData Scale Production AI ???? ?? ??? ??? ????hoondong kim

????? AI, ???? ??? ????(NBP CTO ???) - ???????NAVER CLOUD PLATFORM???? ???? ???

AWS? ???? ???? ???? ? ?? ?? - Peter Gallagher ??? ???? ???? ???? ???? ??, AWS...Amazon Web Services Korea

???? AWS?????? ?? ??? 5?? ??? ? :: ??? :: AWS Summit Seoul 2016Amazon Web Services Korea

??? ??? ??? AI ???BESPIN GLOBAL

[????] ????????, ????????? ?????Soojin Lee

GCP ??? ?? ? ??? ???

2. GCP ??? ?? ? ??? ??? ???, TmaxSoft reoim10@gmail.com

3. ? ? ?

4. ?? ? ??? GCP ???

5. GCP ???? ???? ?? ?? ????..

8. ? ?? GCP..? ?? 1? AWS, 2? Azure? ???

10. ???? ?? ?? ?? ???? ????? ? ??? ??.. ?? ?? ? +@ ? ?? ? ??..

11. 2018? 11? AWS Korea region ?? Multi-vendor ????? ????

12. ??? ???? ? 2 ???? ??? ?? ???? ??? ?? ?? . . AWS + Azure ? AWS + G C P ? ??? ????? GCP(?????) ??? .

13. 2020? 4? GCP ?? region open

14. GCP Engineer, Architect Position GCP Engineer, Architect Candidates GCP ??? ??? ???? ?? ????.. ???? ??

16. ??? ???? ??? ???? ???? ??? ???? ??

17. ????? ?? ? ??? ?? ???? ? ??

18. ?? GCP ??? ??? Seoul? ???? 42? ???? ? ??

19. ?? ? ??? GCP ??? ? ??

20. ?????? 2019? 1? 1? GCP ?? ??

21. 2? GCP Associate Cloud Engineer ?? 4? GCP Professional Data Engineer ?? 5? GCP Professional Cloud Architect ?? 7? GCP Professional Network Engineer ??

22. ??? ?? ? ??? ??

23. ?? ?? ?? ???? CLOUD ??? - ????? ???? Data Engineering ??? - Google Cloud Next 19 Extended Korea GCP Certi?cations - Google Cloud NEXT RECAP 2019 ?? ???? Completion ceremony ?? ?? ?? Toy Project? ???? ?? ? - DevFest Seoul 2019 GCP Certi?cations - Google Cloud Summit 2019

24. ??? ?? ?? ???? + ?? + ?? ?? ??? ??? ?? - ?? 47% ?? Google Cloud Customer Engineer ??? - ??? ?? ?? ??? ?? 1? ???? - ?? ?? 100?? ???? PropTech ???? - ?? ?? ???? ?? - ?? ?? ????? - ?? Amazon Web Services - ??

25. ?? ??? ????? ??? ???..

26. ?? ?? ??? ????

27. ??? ?? ???? ?? ???? ??

28. ???? ????

29. ?? ? ??? GCP ??? ? ?? ??? ??

30. ??? ?? ? ??? ?? ??? ??? ???? ?? ??? + ?? ?? ?? ??? ??? ?? ???? ????? 2??(?? ??)

31. ??? = ??? ??? = ????

32. ?? ??? ?? ??? ???? ?? ??? ?? ? ??? ?? ?? ??? ??? ??? ???? ????? ????? ??

33. ???? ?? Google Developer Group 9X?? ??? ?? (? 8X ?? ???? ??) ?? ??? ?? ???? ?????? GCP, AWS, Azure Korea user ??

34. ??, ???? ?? ??? ?? ?? ??? ?? ???? ?? ???? ??? ?? ??? ?? ??? ????? ?? ???? ??? ?? ??? ?? ???? ????

35. ?? ???

36. ? ? ?