Guillaume Valadon
Guillaume is a Cybersecurity Researcher at GitGuardian. He holds a PhD in networking. He likes looking at data and crafting packets. He co-maintains Scapy. And he still remembers what AT+MS=V34 means!

Sessions
Publicly accessible registries and repositories are often associated with well-known SaaS platforms such as GitHub or DockerHub. However, a significant number of individuals and companies rely on self-hosted solutions like GitLab or Portainer for managing their code and container images. Surprisingly, many of these self-hosted instances are inadvertently exposed, granting unauthenticated access to repositories and container images.
This talk will explore methods for discovering publicly accessible self-hosted registries using techniques such as Certificate Transparency (CT) logs and Shodan scanning. We will discuss how to retrieve repository contents and container images from these sources, subsequently performing secrets scanning to assess the extent of exposure and raise awareness of potential security risks.
From a tooling perspective, our investigation reveals a critical gap: most scanning tools fail to retrieve images from registries that are only available via plain HTTP. We will take this opportunity to discuss the registry API, highlight its limitations, and demonstrate practical approaches for interacting with it.
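To make the registry-API point concrete, here is a minimal client for the Docker Registry HTTP API v2 (the same API GitLab's container registry and similar self-hosted registries expose). It is an added example for this page, not the speaker's tooling. The transport is injected as a `fetch(url, headers)` callable so the catalog, tag and manifest walk can be run offline against canned responses; `urllib_fetch` is the real transport and talks plain `http://` without any daemon-side "insecure registries" setting, which is exactly what the docker CLI refuses to do. The registry host, repository names and digests in `_FAKE` are constructed; the pagination via the `Link` header and the `_catalog` caveat are real API behaviour.

```python
import json
import re
import urllib.error
import urllib.request
from urllib.parse import urljoin

# Manifest media types a registry may serve; without these Accept values many
# registries fall back to a legacy schema1 manifest or answer 404.
MANIFEST_TYPES = ", ".join([
    "application/vnd.docker.distribution.manifest.v2+json",
    "application/vnd.docker.distribution.manifest.list.v2+json",
    "application/vnd.oci.image.manifest.v1+json",
    "application/vnd.oci.image.index.v1+json",
])

_LINK_NEXT = re.compile(r'<([^>]+)>\s*;\s*rel="next"')


def urllib_fetch(url, headers):
    """Real transport: returns (status, headers, body); plain http:// is fine."""
    req = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, dict(resp.headers), resp.read()
    except urllib.error.HTTPError as err:
        return err.code, dict(err.headers), err.read()


def next_page(headers, current_url):
    """Registry pagination uses an RFC 5988 Link header; None when exhausted."""
    link = headers.get("Link") or headers.get("link")
    match = _LINK_NEXT.search(link) if link else None
    return urljoin(current_url, match.group(1)) if match else None


def _paged(fetch, url, key):
    """Collect a JSON list field across every page of a paginated endpoint."""
    items = []
    while url:
        status, hdrs, body = fetch(url, {"Accept": "application/json"})
        if status != 200:
            raise RuntimeError(f"{url}: HTTP {status}")
        items.extend(json.loads(body).get(key) or [])
        url = next_page(hdrs, url)
    return items


def check_v2(fetch, base):
    """GET /v2/ is the version check: 200 = anonymous reads, 401 = auth needed."""
    status, _, _ = fetch(urljoin(base, "/v2/"), {})
    return status


def list_repositories(fetch, base, page_size=100):
    """Walk /v2/_catalog. Caveat: the endpoint is optional and often disabled,
    so a 404/401 here does not mean individual repositories are protected."""
    return _paged(fetch, urljoin(base, f"/v2/_catalog?n={page_size}"), "repositories")


def list_tags(fetch, base, repo):
    return _paged(fetch, urljoin(base, f"/v2/{repo}/tags/list"), "tags")


def get_manifest(fetch, base, repo, reference):
    """Return (content_type, manifest); layers are GET /v2/<repo>/blobs/<digest>."""
    url = urljoin(base, f"/v2/{repo}/manifests/{reference}")
    status, hdrs, body = fetch(url, {"Accept": MANIFEST_TYPES})
    if status != 200:
        raise RuntimeError(f"{url}: HTTP {status}")
    return hdrs.get("Content-Type"), json.loads(body)


def layer_digests(manifest):
    """Blob digests to download (and secret-scan) for a single-platform manifest."""
    return [layer["digest"] for layer in manifest.get("layers", [])]


# Constructed sample registry: hypothetical host, made-up names and digests.
BASE = "http://registry.example.internal:5000"
_FAKE = {
    "/v2/": (200, {"Docker-Distribution-Api-Version": "registry/2.0"}, b"{}"),
    "/v2/_catalog?n=2": (200, {"Link": '</v2/_catalog?n=2&last=app/web>; rel="next"'},
                         b'{"repositories":["app/api","app/web"]}'),
    "/v2/_catalog?n=2&last=app/web": (200, {}, b'{"repositories":["infra/ci"]}'),
    "/v2/app/api/tags/list": (200, {}, b'{"name":"app/api","tags":["latest","1.4.2"]}'),
    "/v2/app/api/manifests/latest": (
        200, {"Content-Type": "application/vnd.docker.distribution.manifest.v2+json"},
        b'{"schemaVersion":2,"config":{"digest":"sha256:c0ffee"},'
        b'"layers":[{"digest":"sha256:1111"},{"digest":"sha256:2222"}]}'),
}


def fake_fetch(url, headers):
    """Offline transport serving the canned responses above."""
    return _FAKE.get(url[len(BASE):], (404, {}, b'{"errors":[]}'))


if __name__ == "__main__":
    fetch, base = fake_fetch, BASE  # swap in urllib_fetch and a real base URL
    print("GET /v2/ ->", check_v2(fetch, base))
    for repo in list_repositories(fetch, base, page_size=2):
        try:
            tags = list_tags(fetch, base, repo)
        except RuntimeError as err:
            print(repo, "-", err)
            continue
        for tag in tags:
            ctype, manifest = get_manifest(fetch, base, repo, tag)
            print(repo, tag, ctype, layer_digests(manifest))
```

Two practical notes: `_paged` follows `Link` until it is absent, which is what distinguishes a complete inventory from the first `n` entries that a naive single `GET /v2/_catalog` returns; and a 401 on `/v2/` usually carries a `WWW-Authenticate: Bearer realm=...` header, which is the token-auth flow a real client would have to implement next (deliberately left out here).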
Through real-world examples and hands-on insights, this talk aims to shed light on the current state of public registry exposure, providing actionable recommendations for improving security posture.