OSLogin requires every SSH key to be tied to a user. For normal / human users the process is straight-forward and there is a lot of documentation about it. For Service Accounts, things get a little weirder… This tutorial will show you how to create an SSH key that is tied to a Service Accout…
Google Workspace / Gsuite – Use Authenticator/TOTP as 2FA without needing to register SMS or Physical Token
Introduction For some reason, users are forced to activate at least one 2FA method (SMS, token or cellphone alerts) before being allowed to activate TOTP (via Authenticator). SMS is an insecure method of 2FA, because telephone companies are usually susceptible to social engineering attacks that can transfer your number to an unauthorized user. If you…
Google Workspace / GSuite with GAM – Extract all Drive files shared externally
This is a useful command for extracting all files shared with at least one external user in Google Drive. I recommend running this command regularly to keep an eye on data exfiltration and improper sharing outside the company.
GCP – Useful GCLOUD commands for IAM auditing
Here are a few helpful gcloud commands to see important IAM information! Run these in your cloud shell or from your own machine using Cloud SDK Just switch <id> with your organization’s id. All users added to any resource in the organization This can be used to detect things such as external users added to…
Pomerium – How to install on GKE, from zero to hero
Hello! I have been using (and loving) Pomerium Enterprise for the past few months. Do you have an application that doesn’t have adequate access control or logging? Then Pomerium is the tool for you. It is an incredibly powerful and versatile zero-trust proxy (and no, that’s not a buzzword in this case). This guide will…
Google Workspace – useful GAM commands for calendar privacy
I just had a problem where Google Calendar’s default privacy setting was changed to “freeBusy” but didn’t replicate to all users. Looking into it, the privacy change is only applied if the user hasn’t changed their calendar’s default settings. It’s not clear what settings influence this. Anyway, we needed to use GAM to fix the…
GSUITE / Google Workspace – How to transform a user account into a group and keep all e-mails
Edit (15/02): Thanks to hjkimbrian for warning that there is no way to backup emails from a group. Do you have user accounts in your org that are “shared” between your employees?If you do, that’s a big no no. Account sharing is a horrible practice and is basically a ticking clock to some security incident…
Migrating Primary Domains in Gsuite (Google Workspace) – An Epic Odyssey
Edit: Thanks to UmzuzuJoe for reminding me about the necessity to update groups also. This post is based on my personal experience changing Gsuite primary domains in a medium sized organization. I hope to give you the basic idea of how your migartion should work and what to exepect – and most importantly: tell you…
How to run your own realistic Phishing Campaign easily and on a budget.
Phishing campaigns are useful for training your employees against common techniques (if you’re on the blue side) or to get some cr3ds (if you’re on the red side). This post is geared towards those on the blue side of things, but it can also be useful for red teamers and pentesters. The techniques and tools…
GCP – How to automatically export backups (MySQL and instances) to other places (AWS, Offline, etc…)
GCP has a pretty good backup system which is really easy to configure. For instances, you can schedule automatic snapshots and also convert theses snapshots to images whenever you want.For MySQL databases (not sure about the other types) you can schedule backups which are stored in a neat “full backup + incremental backups” to save…