GCP - Security Post Exploitation

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au fuata sisi kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

Usalama

Kwa maelezo zaidi angalia:

GCP - Security Enum

`securitycenter.muteconfigs.create`

Zuia uzalishaji wa matokeo ambayo yanaweza kugundua mshambuliaji kwa kuunda muteconfig:

# Create Muteconfig
gcloud scc muteconfigs create my-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\""

`securitycenter.muteconfigs.update`

Zuia uzalishaji wa matokeo ambayo yanaweza kugundua mshambuliaji kwa kuboresha muteconfig:

# Update Muteconfig
gcloud scc muteconfigs update my-test-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\""

`securitycenter.findings.bulkMuteUpdate`

Zima matokeo kulingana na filtr:

# Mute based on a filter
gcloud scc findings bulk-mute --organization=929851756715 --filter="category=\"XSS_SCRIPTING\""

Kupatikana kwa kimya hakutonekana kwenye dashibodi ya SCC na ripoti.

`securitycenter.findings.setMute`

Zima kupatikana kulingana na chanzo, kupatikana...

gcloud scc findings set-mute 789 --organization=organizations/123 --source=456 --mute=MUTED

`securitycenter.findings.update`

Sasisha ugunduzi ili kuonyesha taarifa zisizo sahihi:

gcloud scc findings update `myFinding` --organization=123456 --source=5678 --state=INACTIVE

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousGCP - Secretmanager Post Exploitation NextGCP - Workflows Post Exploitation

Last updated 3 days ago

Usalama

Kwa maelezo zaidi angalia:

GCP - Security Enum

securitycenter.muteconfigs.create

Zuia uzalishaji wa matokeo ambayo yanaweza kugundua mshambuliaji kwa kuunda muteconfig:

# Create Muteconfig
gcloud scc muteconfigs create my-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\""

securitycenter.muteconfigs.update

Zuia uzalishaji wa matokeo ambayo yanaweza kugundua mshambuliaji kwa kuboresha muteconfig:

# Update Muteconfig
gcloud scc muteconfigs update my-test-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\""

securitycenter.findings.bulkMuteUpdate

Zima matokeo kulingana na filtr:

# Mute based on a filter
gcloud scc findings bulk-mute --organization=929851756715 --filter="category=\"XSS_SCRIPTING\""

Kupatikana kwa kimya hakutonekana kwenye dashibodi ya SCC na ripoti.

securitycenter.findings.setMute

Zima kupatikana kulingana na chanzo, kupatikana...

gcloud scc findings set-mute 789 --organization=organizations/123 --source=456 --mute=MUTED

securitycenter.findings.update

Sasisha ugunduzi ili kuonyesha taarifa zisizo sahihi:

gcloud scc findings update `myFinding` --organization=123456 --source=5678 --state=INACTIVE