anarquias

How to pass the OSCP

1. Recon
2. Find vuln
3. Exploit
4. Escalate
5. Document it

Time yourself

anarquias

AWS CLI Cheatsheet

http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html https://www.youtube.com/watch?v=_wiGpBQGCjU

Setup

anarquias

#!/usr/bin/env python

#remove public read right for all keys within a directory

#usage: remove_public.py bucketName folderName

import sys
import boto

from boto import connect_s3

anarquias

::
::#######################################################################
::
:: Change file associations to protect against common ransomware attacks
:: Note that if you legitimately use these extensions, like .bat, you will now need to execute them manually from cmd or powershell
:: Alternatively, you can right-click on them and hit 'Run as Administrator' but ensure it's a script you want to run :) 
:: ---------------------
ftype htafile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype WSHFile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype batfile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"

anarquias

Resources

• Ally's GCP Quiz
• GCP Certification Quiz
• Google Developers Codelabs
• Cloudreach Blog - Passing the exam after an initial failure
• GCP Enterprise Best Practices
• GCP Designing a Disaster Recovery Plan
• GCP Example Solutions
• Mobile Gaming Analysis Telemetry

anarquias

import boto3
from datetime import datetime

iam_client = boto3.client('iam')
iam_resource = boto3.resource('iam')


def get_UsersOlderThan(days):
    ''' Returns list of users whose PasswordLastUsed
        is greater than <days> ago.

anarquias

References

• have fun with them
• projections
• filters
• resource-keys
• scripting-gcloud
• gcloud alpha interactive
• https://medium.com/@Joachim8675309/getting-started-with-gcloud-sdk-part-1-114924737
• https://medium.com/@Joachim8675309/getting-started-with-gcloud-sdk-part-2-4d049a656f1a
• https://gist.github.com/bborysenko/97749fe0514b819a5a87611e6aea3db8

anarquias

Google Certified Professional Cloud Architect - Part 1
======================================================
GCP Overview
Google's suite of cloud computing services; run on same infra and network as google 
Compute -> App Engine, Container Engine, Compute Engine 
Storage -> Bigtable, Cloud Storage, Cloud SQL, Cloud Datastore
Big Data -> BigQuery, Pub/Sub, Dataflow, Dataproc, Datalab
Machine Learning -> Vision API, Machine Learning, Speech API, Translation API 
https://cloud.google.com/pricing
Per second pricing for instances;Private Global Fiber network;Live migration of VMs;Better performance;Industry leading security;access to innovative resources(Big data,ML)

anarquias

CI & CD:
========
2 core software development processes
CI process of automating regular code commits followed by an automated build and test process designed to highlight intergration issues early.
Additional tooling and functionality provided by Bamboo, CruiseControl, Jenkins, Go and TeamCity etc.
workflow based
CD takes the form of a workflow based process which accepts a tested software build payload from a CI server. Automates the deployment into a working QA, Pre-prod or Prod environment.
AWS CodeDeploy and CodePipeline provide CI/CD services
Elasticbeanstalk and CFN provide functionality which can be utilized by CI/CD servers.

anarquias

Autoscaling.
◾Understand autoscaling inside and out.
◾Make sure you know the differences between deploying with and without Cloudformation (as there are some deployment methods you can do with Cloudformation that you can’t without) and the command or JSON syntax to perform them.
◾Understand lifecycle hooks and the autoscaling stages they run in
◾Understand launch configurations and how they work and are updated (hint: You must replace them)
◾Understand why you may need to place an instance into STANDBY state

•Elastic Beanstalk.
◾You’ll need to know this to an advanced level.
◾Understand what stacks Beanstalk supports natively and how you would deploy a stack it doesn’t (hint: Use Docker).