Explore the vulnerabilities in CI/CD pipelines and learn how to exploit them for profit in this 25-minute conference talk from the 44CON Information Security Conference. Dive into real-world issues involving Perforce, network storage, and cross-instance compromise. Discover methodologies for secret management, report manipulation, and deployment exploitation. Examine practical tools like SSH reverse shells and research servers. Analyze a classic DNS rebinding attack on web hooks. Gain valuable insights into attacking development pipelines and understand the potential risks and rewards associated with these security weaknesses.