mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-22 23:26:41 -08:00

Files

Carlos Polop 5ef56bb6b3 Recreating repository history for branch master

2024-12-12 19:35:48 +01:00

4.0 KiB

Raw Blame History

GCP - Security Post Exploitation

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}

Security

For more information check:

{% content-ref url="../gcp-services/gcp-security-enum.md" %} gcp-security-enum.md {% endcontent-ref %}

`securitycenter.muteconfigs.create`

Prevent generation of findings that could detect an attacker by creating a muteconfig:

{% code overflow="wrap" %}

# Create Muteconfig
gcloud scc muteconfigs create my-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\""

{% endcode %}

`securitycenter.muteconfigs.update`

Prevent generation of findings that could detect an attacker by updating a muteconfig:

{% code overflow="wrap" %}

# Update Muteconfig
gcloud scc muteconfigs update my-test-mute-config --organization=123 --description="This is a test mute config" --filter="category=\"XSS_SCRIPTING\""

{% endcode %}

`securitycenter.findings.bulkMuteUpdate`

Mute findings based on a filer:

{% code overflow="wrap" %}

# Mute based on a filter
gcloud scc findings bulk-mute --organization=929851756715 --filter="category=\"XSS_SCRIPTING\""

{% endcode %}

A muted finding won't appear in the SCC dashboard and reports.

`securitycenter.findings.setMute`

Mute findings based on source, findings...

{% code overflow="wrap" %}

gcloud scc findings set-mute 789 --organization=organizations/123 --source=456 --mute=MUTED

{% endcode %}

`securitycenter.findings.update`

Update a finding to indicate erroneous information:

{% code overflow="wrap" %}

gcloud scc findings update `myFinding` --organization=123456 --source=5678 --state=INACTIVE

{% endcode %}

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}

4.0 KiB Raw Blame History

GCP - Security Post Exploitation

Security

securitycenter.muteconfigs.create

securitycenter.muteconfigs.update

securitycenter.findings.bulkMuteUpdate

securitycenter.findings.setMute

securitycenter.findings.update

4.0 KiB

Raw Blame History

`securitycenter.muteconfigs.create`

`securitycenter.muteconfigs.update`

`securitycenter.findings.bulkMuteUpdate`

`securitycenter.findings.setMute`

`securitycenter.findings.update`