Translated ['.github/pull_request_template.md', 'src/pentesting-cloud/az

src/pentesting-cloud/workspace-security/gws-post-exploitation.md

@@ -4,14 +4,14 @@
 
 ## Google Groups Privesc
 
-By default in workspace a **group** can be **freely accessed** by any member of the organization.\
-Workspace also allow to **grant permission to groups** (even GCP permissions), so if groups can be joined and they have extra permissions, an attacker may **abuse that path to escalate privileges**.
+Standaard in Workspace kan 'n **groep** **vrylik toeganklik** wees vir enige lid van die organisasie.\
+Workspace laat ook toe om **toestemming aan groepe te gee** (selfs GCP-toestemmings), so as groepe bygevoeg kan word en hulle het ekstra toestemmings, kan 'n aanvaller daardie pad **misbruik om voorregte te verhoog**.
 
-You potentially need access to the console to join groups that allow to be joined by anyone in the org. Check groups information in [**https://groups.google.com/all-groups**](https://groups.google.com/all-groups).
+Jy het moontlik toegang tot die konsole nodig om groepe te sluit wat deur enigeen in die org bygevoeg kan word. Kontroleer groepe-inligting in [**https://groups.google.com/all-groups**](https://groups.google.com/all-groups).
 
-### Access Groups Mail info
+### Toegang tot Groep E-pos inligting
 
-If you managed to **compromise a google user session**, from [**https://groups.google.com/all-groups**](https://groups.google.com/all-groups) you can see the history of mails sent to the mail groups the user is member of, and you might find **credentials** or other **sensitive data**.
+As jy daarin geslaag het om 'n **google gebruikersessie te kompromitteer**, kan jy vanaf [**https://groups.google.com/all-groups**](https://groups.google.com/all-groups) die geskiedenis van e-posse wat na die e-posgroepe gestuur is waarvan die gebruiker 'n lid is, sien, en jy mag **bewyse** of ander **sensitiewe data** vind.
 
 ## GCP <--> GWS Pivoting
 
@@ -19,60 +19,56 @@ If you managed to **compromise a google user session**, from [**https://groups.g
 ../gcp-security/gcp-to-workspace-pivoting/
 {{#endref}}
 
-## Takeout - Download Everything Google Knows about an account
+## Takeout - Laai Alles Af wat Google oor 'n rekening Weet
 
-If you have a **session inside victims google account** you can download everything Google saves about that account from [**https://takeout.google.com**](https://takeout.google.com/u/1/?pageId=none)
+As jy 'n **sessie binne die slagoffer se google rekening** het, kan jy alles aflaai wat Google oor daardie rekening stoor vanaf [**https://takeout.google.com**](https://takeout.google.com/u/1/?pageId=none)
 
-## Vault - Download all the Workspace data of users
+## Vault - Laai al die Workspace data van gebruikers af
 
-If an organization has **Google Vault enabled**, you might be able to access [**https://vault.google.com**](https://vault.google.com/u/1/) and **download** all the **information**.
+As 'n organisasie **Google Vault geaktiveer** het, mag jy in staat wees om toegang te verkry tot [**https://vault.google.com**](https://vault.google.com/u/1/) en **af te laai** al die **inligting**.
 
-## Contacts download
+## Kontak aflaai
 
-From [**https://contacts.google.com**](https://contacts.google.com/u/1/?hl=es&tab=mC) you can download all the **contacts** of the user.
+Vanaf [**https://contacts.google.com**](https://contacts.google.com/u/1/?hl=es&tab=mC) kan jy al die **kontakte** van die gebruiker aflaai.
 
 ## Cloudsearch
 
-In [**https://cloudsearch.google.com/**](https://cloudsearch.google.com) you can just search **through all the Workspace content** (email, drive, sites...) a user has access to. Ideal to **quickly find sensitive information**.
+In [**https://cloudsearch.google.com/**](https://cloudsearch.google.com) kan jy net **deur al die Workspace-inhoud** (e-pos, drive, webwerwe...) soek waartoe 'n gebruiker toegang het. Ideaal om **vinnige sensitiewe inligting te vind**.
 
 ## Google Chat
 
-In [**https://mail.google.com/chat**](https://mail.google.com/chat) you can access a Google **Chat**, and you might find sensitive information in the conversations (if any).
+In [**https://mail.google.com/chat**](https://mail.google.com/chat) kan jy toegang verkry tot 'n Google **Chat**, en jy mag sensitiewe inligting in die gesprekke vind (indien enige).
 
 ## Google Drive Mining
 
-When **sharing** a document you can **specify** the **people** that can access it one by one, **share** it with your **entire company** (**or** with some specific **groups**) by **generating a link**.
+Wanneer jy 'n dokument **deel**, kan jy die **mense** wat toegang kan hê, een vir een **specifiseer**, of dit met jou **hele maatskappy** (**of** met 'n paar spesifieke **groepe**) **deel** deur 'n **skakel te genereer**.
 
-When sharing a document, in the advance setting you can also **allow people to search** for this file (by **default** this is **disabled**). However, it's important to note that once users views a document, it's searchable by them.
+Wanneer jy 'n dokument deel, kan jy in die gevorderde instellings ook **toelaat dat mense soek** na hierdie lêer (per **default** is dit **deaktiveer**). Dit is egter belangrik om te noem dat sodra gebruikers 'n dokument sien, dit deur hulle soekbaar is.
 
-For sake of simplicity, most of the people will generate and share a link instead of adding the people that can access the document one by one.
+Vir eenvoudigheid sal die meeste mense 'n skakel genereer en deel eerder as om die mense wat toegang tot die dokument kan hê, een vir een by te voeg.
 
-Some proposed ways to find all the documents:
+Sommige voorgestelde maniere om al die dokumente te vind:
 
-- Search in internal chat, forums...
-- **Spider** known **documents** searching for **references** to other documents. You can do this within an App Script with[ **PaperChaser**](https://github.com/mandatoryprogrammer/PaperChaser)
+- Soek in interne chat, forums...
+- **Spider** bekende **dokumente** op soek na **verwysings** na ander dokumente. Jy kan dit binne 'n App Script doen met [**PaperChaser**](https://github.com/mandatoryprogrammer/PaperChaser)
 
-## **Keep Notes**
+## **Hou Aantekeninge**
 
-In [**https://keep.google.com/**](https://keep.google.com) you can access the notes of the user, **sensitive** **information** might be saved in here.
+In [**https://keep.google.com/**](https://keep.google.com) kan jy toegang verkry tot die aantekeninge van die gebruiker, **sensitiewe** **inligting** mag hier gestoor wees.
 
-### Modify App Scripts
+### Wysig App Scripts
 
-In [**https://script.google.com/**](https://script.google.com/) you can find the APP Scripts of the user.
+In [**https://script.google.com/**](https://script.google.com/) kan jy die APP Scripts van die gebruiker vind.
 
-## **Administrate Workspace**
+## **Administreer Workspace**
 
-In [**https://admin.google.com**/](https://admin.google.com), you might be able to modify the Workspace settings of the whole organization if you have enough permissions.
+In [**https://admin.google.com**/](https://admin.google.com) mag jy in staat wees om die Workspace-instellings van die hele organisasie te wysig as jy genoeg toestemmings het.
 
-You can also find emails by searching through all the user's invoices in [**https://admin.google.com/ac/emaillogsearch**](https://admin.google.com/ac/emaillogsearch)
+Jy kan ook e-posse vind deur deur al die gebruiker se fakture te soek in [**https://admin.google.com/ac/emaillogsearch**](https://admin.google.com/ac/emaillogsearch)
 
-## References
+## Verwysings
 
 - [https://www.youtube-nocookie.com/embed/6AsVUS79gLw](https://www.youtube-nocookie.com/embed/6AsVUS79gLw) - Matthew Bryant - Hacking G Suite: The Power of Dark Apps Script Magic
-- [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch and Beau Bullock - OK Google, How do I Red Team GSuite?
+- [https://www.youtube.com/watch?v=KTVHLolz6cE](https://www.youtube.com/watch?v=KTVHLolz6cE) - Mike Felch en Beau Bullock - OK Google, Hoe doen ek 'n Red Team GSuite?
 
 {{#include ../../banners/hacktricks-training.md}}
-
-
-
-