Skip to content

Latest commit

 

History

History
92 lines (63 loc) · 3.86 KB

gcp-security-post-exploitation.md

File metadata and controls

92 lines (63 loc) · 3.86 KB

GCP - Security Post Exploitation

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

Security

For more information check:

{% content-ref url="../gcp-services/gcp-security.md" %} gcp-security.md {% endcontent-ref %}

securitycenter.muteconfigs.create

Prevent generation of findings that could detect an attacker by creating a muteconfig:

{% code overflow="wrap" %}

# Create Muteconfig
gcloud scc muteconfigs create my-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\""

{% endcode %}

securitycenter.muteconfigs.update

Prevent generation of findings that could detect an attacker by updating a muteconfig:

{% code overflow="wrap" %}

# Update Muteconfig
gcloud scc muteconfigs update my-test-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\""

{% endcode %}

securitycenter.findings.bulkMuteUpdate

Mute findings based on a filer:

{% code overflow="wrap" %}

# Mute based on a filter
gcloud scc findings bulk-mute --organization=929851756715 --filter="category=\"XSS_SCRIPTING\""

{% endcode %}

A muted finding won't appear in the SCC dashboard and reports.

securitycenter.findings.setMute

Mute findings based on source, findings...

{% code overflow="wrap" %}

gcloud scc findings set-mute 789 --organization=organizations/123 --source=456 --mute=MUTED

{% endcode %}

securitycenter.findings.update

Update a finding to indicate erroneous information:

{% code overflow="wrap" %}

gcloud scc findings update `myFinding` --organization=123456 --source=5678 --state=INACTIVE

{% endcode %}

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks: