Skip to content

Instantly share code, notes, and snippets.

View alekonko's full-sized avatar

alekonko alekonko

14 followers · 41 following
  • Private
  • Italy
View GitHub Profile
@alekonko
alekonko / setLoadbalancerIP.sh
Created June 7, 2024 09:12
#!/bin/bash
usage() {
echo "Usage: $0 -s <service-name> [-n <namespace>]"
exit 1
}
check_service_exists() {
if [ -z "$NAMESPACE" ]; then
kubectl get service "$SERVICE_NAME" > /dev/null 2>&1
@alekonko
alekonko / gcloud-cheat-sheet.md
Created July 4, 2023 17:07 — forked from pydevops/gcloud-cheat-sheet.md
gcp gcloud cheat sheet
@alekonko
alekonko / Dockerfile
Created June 22, 2023 09:49 — forked from mateothegreat/Dockerfile
Mounting Google Cloud Storage Bucket inside of Kubernetes Pod
# __ __
# __ ______ ____ ___ ____ _/ /____ ____ ____/ /
# / / / / __ \/ __ `__ \/ __ `/ __/ _ \/ __ \/ __ /
# / /_/ / /_/ / / / / / / /_/ / /_/ __/ /_/ / /_/ /
# \__, /\____/_/ /_/ /_/\__,_/\__/\___/\____/\__,_/
# /____ matthewdavis.io, holla!
#
FROM node:9.2-alpine
ENV GOPATH /go
@alekonko
alekonko / MustGather Operator example.md
Created June 6, 2023 09:17
@alekonko
alekonko / Terraform-looping-lists-and-maps.tf
Created May 26, 2023 10:10 — forked from devops-school/Terraform-looping-lists-and-maps.tf
Terraform looping using lists-and-maps-with-for with example
terraform {
required_version = ">= 0.12.0"
}
provider "aws" {
region = "us-east-1"
}
resource "aws_vpc" "my_vpc" {
cidr_block = "172.16.0.0/16"
@alekonko
alekonko / test-python
Created February 5, 2023 10:52
valid = {"a","b","x"}
def getMyDish(customerPref):
if customerPref == "a" :
return "Mi spiace, TortaDiRiso finita"
if customerPref == "x" :
return "! EasterEgg !"
return "Ottima scelta, hai scelto VattelaaprendereneinXXX !!"
while True:
@alekonko
alekonko / Google KMS example
Created April 9, 2022 12:59 — forked from PavelSusloparovNYT/Google KMS example
Qwiklabs Google
https://cloud.google.com/storage/docs/encryption/
BUCKET_NAME=YOUR_NAME_enron_corpus
gsutil mb gs://${BUCKET_NAME}
gsutil cp gs://enron_corpus/allen-p/inbox/1. .
tail 1.
Enable API/Create keyring
gcloud services enable cloudkms.googleapis.com
@alekonko
alekonko / gcp cheats.md
Created April 9, 2022 12:49 — forked from 5stars217/gcp cheats.md

Purpose

*Most pentesting and gcp privilege escalation stuff out there for GCP assumes what I'm finding to be an absurd level of access handed to you.(i.e Human 2fa protected accounts, organization-wide read only IAM perms, etc that is not suitable for use in black box testing of mature environments.
There's a lot of data you need to use the gcp api only available behind mandatory 2fa protected human accounts that service accounts and low tier project accounts simply do not have access to enumerating if you find yourself having popped an application or shelled a instance somehow and have console-only access.

Intent of this is to break down various categories of escalation that will be available to service accounts, as well as point out various showstoppers.

@alekonko
alekonko / gcp-shared-vpc-multi-env.sh
Created April 9, 2022 12:46 — forked from mikesparr/gcp-shared-vpc-multi-env.sh
Example multi-env secure setup with Argo CD and Argo Rollouts
#!/usr/bin/env bash
# REF: https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations
export PROJECT_ID=$(gcloud config get-value project)
export PROJECT_USER=$(gcloud config get-value core/account) # set current user
export PROJECT_NUMBER=$(gcloud projects describe $PROJECT_ID --format="value(projectNumber)")
export IDNS=${PROJECT_ID}.svc.id.goog # workflow identity domain
export GCP_REGION="us-west4" # CHANGEME (OPT)
@alekonko
alekonko / openshift-cheatsheet.md
Created November 12, 2021 15:01 — forked from rafaeltuelho/openshift-cheatsheet.md
My Openshift Cheatsheet

My Openshift Cheatsheet

Openshift build secrets for cloning git repos using SSH Keys

  • To create ssh secret:
oc create secret generic sshsecret \
    --from-file=ssh-privatekey=$HOME/.ssh/id_rsa