GCP - Usalama Post Exploitation

Tip

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Jifunze na fanya mazoezi ya Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

Angalia mpango wa usajili!

Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.

Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

Usalama

Kwa maelezo zaidi angalia:

GCP - Security Enum

`securitycenter.muteconfigs.create`

Zuia uzalishaji wa findings ambazo zinaweza kumgundua mshambuliaji kwa kuunda muteconfig:

Unda Muteconfig

```bash # Create Muteconfig gcloud scc muteconfigs create my-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\"" ```

`securitycenter.muteconfigs.update`

Zuia uzalishaji wa findings ambazo zinaweza kumgundua mshambuliaji kwa kusasisha muteconfig:

Sasisha Muteconfig

```bash # Update Muteconfig gcloud scc muteconfigs update my-test-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\"" ```

`securitycenter.findings.bulkMuteUpdate`

Limaza matokeo kulingana na chujio:

Limaza kwa wingi kulingana na chujio

```bash # Mute based on a filter gcloud scc findings bulk-mute --organization=929851756715 --filter="category=\"XSS_SCRIPTING\"" ```

Finding iliyokatizwa haitaonekana kwenye dashibodi ya SCC na ripoti.

`securitycenter.findings.setMute`

Kata sauti findings kulingana na source, findings…

Weka finding kama imekatizwa

```bash gcloud scc findings set-mute 789 --organization=organizations/123 --source=456 --mute=MUTED ```

`securitycenter.findings.update`

Sasisha ugunduo ili kuonyesha taarifa zisizo sahihi:

Sasisha hali ya ugunduo

```bash gcloud scc findings update `myFinding` --organization=123456 --source=5678 --state=INACTIVE ```

Tip

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Jifunze na fanya mazoezi ya Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

Angalia mpango wa usajili!

Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.

Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.