Purpose

Most pentesting and GCP privilege escalation material out there assumes what I'm finding to be an absurd level of access handed to you (i.e. human 2FA-protected accounts, organization-wide read-only IAM perms, etc.) that is not suitable for use in black-box testing of mature environments.
A lot of the data you need to use the GCP API is only available behind mandatory 2FA-protected human accounts; service accounts and low-tier project accounts simply do not have access to enumerate it if you find yourself having popped an application or shelled an instance somehow and have console-only access.

The intent of this is to break down the various categories of escalation that will be available to service accounts, as well as to point out various showstoppers.

using namespace Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters
function Invoke-AzVMScript {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [ResourceGroupCompleter()]
        [string]$ResourceGroupName,
        [Parameter(Mandatory)]
#Security log
#============
####
#4624 - Logon & Logoff events successful
#4625 - Logon unsuccessful
####
# Get usernames
Get-WinEvent -path .\Security.evtx | Where {$_.id -eq "4624"} | Foreach {([xml]$_.ToXml()).GetElementsByTagName("Data").ItemOf(5)}| Select -ExpandProperty "#text" -Unique
# Get domains
sathishphcl / setupiisforsslperfectforwardsecrecy_v17.ps1
Created June 14, 2022 12:47 — forked from jbratu/setupiisforsslperfectforwardsecrecy_v17.ps1
Great powershell script for tightening HTTPS security on IIS and disabling insecure protocols and ciphers. Very useful on core installations.
# Copyright 2019, Alexander Hass
# https://www.hass.de/content/setup-microsoft-windows-or-iis-ssl-perfect-forward-secrecy-and-tls-12
#
# After running this script the computer only supports:
# - TLS 1.2
#
# Version 3.0.1, see CHANGELOG.txt for changes.
Write-Host 'Configuring IIS with SSL/TLS Deployment Best Practices...'
Write-Host '--------------------------------------------------------------------------------'
sathishphcl / mirror-images.yml
Created June 25, 2022 17:03 — forked from dcode/mirror-images.yml
Ansible playbook to pull docker images, write them to disk as tarballs, then optionally restore them to local container storage
---
- hosts: localhost
  become: True
  vars:
    archive_path: /home/vagrant/containers
    containers:
      - name: quay.io/dcode/strelka_manager
        tag: latest
        id: 8b8321cf9c81
      - name: quay.io/dcode/strelka_frontend
# CopyManagedDisk.ps1
# Morgan Simonsen
# morgansimonsen.com
#
# Copies an Azure managed disk from one Azure region to another via a storage account
[CmdletBinding()]
Param(
    [Parameter(Mandatory=$True,Position=1,
        HelpMessage="Source resource group where the managed disk(s) to copy is.")]
sathishphcl / enable-rdp.ps1
Created August 19, 2022 01:54 — forked from jhorsman/enable-rdp.ps1
Enable Windows Remote Desktop Connection with PowerShell
# run as administrator
# reboot afterwards
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1
sathishphcl / docker-deep-dive.md
Created November 4, 2022 21:20 — forked from wesleyarchbell/docker-deep-dive.md
Docker Deep Dive - Pluralsight
sathishphcl / kubernetes-overview.md
Created November 4, 2022 21:22 — forked from wesleyarchbell/kubernetes-overview.md
Overview of Kubernetes

Kubernetes

Overview

Kubernetes is an open source system developed by Google for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications. Kubernetes helps you make sure those containerized applications run where and when you want, and helps them find the resources and tools they need to work.

Kubernetes was released in February 2015 with the following goals and considerations:

  • Empower application developers with a powerful tool for Docker container orchestration without having to interact with the underlying infrastructure;
  • Provide standard deployment interface and primitives for a consistent app deployment experience and APIs across clouds;
  • Build on a Modular API core that allows vendors to integrate systems around the core Kubernetes technology.
sathishphcl / Rename-Computer.ps1
Created November 5, 2022 19:50 — forked from tonejito/Rename-Computer.ps1
Rename Windows PC via PowerShell and WMI
# Rename Windows PC via PowerShell and WMI
# http://social.technet.microsoft.com/wiki/contents/articles/7824.set-computer-name-using-powershell.aspx
# https://technet.microsoft.com/en-us/library/hh849792(v=wps.620).aspx
$ComputerName = Get-WmiObject Win32_ComputerSystem
$ComputerName.Rename($name)
Restart-Computer