Ross Simpson

Bio

Ross is primarily a web services developer with years of experience in web related programming languages and technologies. He helped build the miroservices behind an application presented by Google at Google I/O 2016. 

Ross is also a web security consultant, and has worked for local fintech and mobile-payment companies, online e-commerce sites, and digital agencies.

Ross has been involved in the local hacker community for several years. Outside of work he co-runs the monthly 0xC0FFEE Cape Town meetups and has spoken at B-Sides Cape Town and ZaCon conferences previously.

Talk: Docker for Hackers

In three parts:

  1. Providing a very quick overview of what Docker is, how it differs from  Virtual Machines, where and what it runs on, and why it’s useful.
  2. Explaining how to use Docker to run pre-made images such as Kali Linux, using it for exploit compilation (eg: cross platform), creating your Docker images (how to pick a base image, how caching works, setting the CMD/ENTRYPOINT correctly), advanced settings and usage (such as directory sharing, port forwarding and network bridging, and running GUI applications such as BurpSuite inside Docker),
  3. Security issues with pre-made images, running your own command(s) in containers, how devs use Docker and the challenges they face (which are opportunities for us), how to tell if you’re inside a Docker container, and discovering other docker containers and attacking the Docker host.

The goal is not to provide a working knowledge of Docker (which a workshop might be better suited to), but rather to inspire hackers to start using and attacking Docker, having learnt about its capabilities and uses.