Shay Levin
Israel
Joined 16 Dec 2010
R82 Dynamic Layer Tutorial
R82 introduces the Dynamic Layer, a game-changing feature for Access Control Policies. With Dynamic Layer, you can bypass the Management Server and send policies directly to the Security Gateway via API for instant enforcement.
This feature streamlines operations, saves time, and is perfect for automation.
Views: 151
Videos
CloudGuard CME API for Azure vWan
Views 5214 days ago
Learn how to provision a Network Virtual Appliance (NVA) on a Check Point Management Server and configure Azure Virtual WAN ingress load balancer rules using the CloudGuard CME API. Watch this step-by-step guide to streamline your NVA deployment and Azure vWAN integration!
Deep Dive on the latest R82 TLS Inspection Enhancements!
Views 7583 months ago
R82 Enhancements: seamless deployment with learning mode; our new HTTPS inspection user interface in SmartConsole; new monitoring capabilities; autonomous TLS inspection using AI and smart bypass; HTTP3 / QUIC support.
How to Create a Seamless Automatic VPN Between Check Point and AWS Transit Gateway | Tutorial
Views 2294 months ago
Welcome to our step-by-step tutorial on the latest Check Point R82 feature! In this video, we'll guide you through the process of creating a seamless automatic VPN between a Check Point gateway and an AWS Transit Gateway. Whether you're managing security in the cloud or on-premises, this powerful new feature simplifies your VPN setup, ensuring secure and reliable connectivity. 🔍 In This Tutoria...
Azure Firewall Migration
Views 1238 months ago
Simple PowerShell script for migrating Azure Firewall policy to Check Point firewall policy. The script is available in the CheckMates post: community.checkpoint.com/t5/Cloud-Network-Security/New-Easy-Migration-from-Azure-Firewall-to-Check-Point/td-p/202226
Azure Virtual WAN - Internet Ingress/Inbound - NVA Inspection
Views 73610 months ago
How to configure Azure virtual WAN direct ingress for Check Point NVA
Azure Firewall Migration
Views 20711 months ago
Tutorial - Easy Migration script from Azure Firewall to Check Point Firewall
Tutorial - AWS Single CloudGuard Gateway - Multiple Public IP addresses
Views 187, a year ago
Tutorial - How to add multiple public IP addresses to a CloudGuard gateway instance and the required NAT configuration on the gateway.
Tutorial - Azure Single CloudGuard Gateway - Multiple Public IP addresses
Views 199, a year ago
Tutorial on how to add multiple public IP addresses to a CloudGuard gateway VM and the required configuration on the gateway.
Check Point Inbound SSL inspection tutorial
Views 1.2K, a year ago
Tutorial - How to activate Inbound SSL inspection on Check Point gateway.
Azure Virtual WAN Seamless VPN to Check Point Gateway
Views 686, a year ago
How to establish a seamless VPN between Azure VPN gateway on Azure Virtual WAN and Check Point Gateway.
Azure Virtual Wan Ingress
Views 100, a year ago
How to open ingress traffic in Azure Virtual WAN with NVA
R81.20 Seamless VPN to Public Clouds - Deep Dive
Views 759, a year ago
Step-by-step walkthrough of using the R81.20 seamless VPN feature for establishing a VPN from Check Point gateways to native VPN gateways in Azure, AWS, and GCP
AWS - CloudGuard Cross AZ, HA Cluster
Views 880, a year ago
Step By Step Deployment of CloudGuard Cross AZ Cluster
AWS Cloud WAN Inter Region Inspection with Check Point CloudGuard
Views 410, a year ago
Deep Dive on how to configure East/West cross region traffic inspection with Check Point CloudGuard network security, based on CloudGuard ScaleSet for GWLB
CloudGuard NVA & Virtual WAN Integration
Views 448, a year ago
AWS Inter-Region Network Security Design - Best Practices
Views 86, a year ago
Containerized vulnerable applications for testing
Views 1572 years ago
Azure vWan & Cloudguard NVA Integration
Views 5702 years ago
AppSec EKS Ingress Controller - Switch from Classic LB to NLB
Views 4282 years ago
EKS Perimeter Protection by CloudGuard Networks Security - Deep Dive
Views 4052 years ago
AWS WAF bypass - Boolean based authentication
Views 4693 years ago
Very Helpful
Leave the link
Can you please provide the script so that I can follow the entire walkthrough??
Hi Levin, the default deployment of Check Point CloudGuard on AWS is 100 GB, but I want to increase the hard drive capacity to 200 GB after deploying. What should I do?
How about bypassing https😅
Finally a video that helped. Thank you!
Good explanation
Hi Levin, but I don't want to add an elastic IP to the local server (in private subnet) and just use a private IP running through Check Point to go out to the internet. How can I configure the route table?
Hi, in this case you don’t need to configure the ingress route; all the rest stays the same.
@nvshayl Dear Levin, one more question: if we have VM bastions in the public subnet area, how can we let them go outside or inside the private subnet by passing through the Check Point firewall? Is there any way we can do that?
My deployment fails with the below error. Is the controller supposed to contain some account details? ERROR: Controller check-point-autoprovision failed ERROR details: Unexpected HTTP code: 403 Testing management configuration... Testing management connectivity... From cme.log: Failed to scan for gateway instances in the cloud account check-point-autoprovision.
😂😂😂❤❤❤❤😂😂😂❤❤❤🎉
The main challenge lies in bypassing WAF (Web Application Firewall) with SQLMAP. Additionally, SQLMAP is unable to bypass XOR-based encoding and complex time-based query restrictions. To address this, some Pakistani hackers have developed their own version of SQLMAP known as GHAURI. Similarly, the ATLAS tool works in conjunction with SQLMAP to suggest the most suitable WAF bypass tamper scripts. I hope to see advanced tutorials on these topics in the near future. Below is a list of WAFs that SQLMAP finds difficult to bypass: 🙁 #1) AppTrana #2) Prophaze WAF #3) Cloudflare WAF #4) Sucuri Website Firewall #5) AWS WAF #6) Akamai #7) Imperva #8) Citrix WAF #9) F5 Advanced #10) Barracuda #11) Fortinet FortiWeb #12) SiteLock Thank you.
Here you go, Ghauri has arrived, for real
Great content. And what is the relevance of configuring the Server Configuration options (Web, Mail and/or DNS Server) of the Host Object?
Hi, please register to the Check Point community: community.checkpoint.com You will get all the answers there :)
Hi Shay, are you also going to do an AppSec deep dive on Azure?
How to access NLB using 443 port? I am able to get pods healthy on 80 port but not on 443 for NLB, can you help?
Hi Shay, we are deploying this solution. Our customer is using the latest versions of AHV, FLOW and Calm. The blueprint doesn't work properly: the CloudGuard VMs are created but we can't find the service chain when trying to redirect traffic using a security policy. Should we downgrade to the versions mentioned in sk173224? Please, how can we reach Daniel? Thanks for the help.
Really good... do you have an AWS session like this? Kindly share.
Can you share the lab link again?
Brother, I want to communicate with you. I have a problem and I want to solve it. Thank you. It is necessary, brother. I want to communicate
Any other scenarios to apply this method? Because most sites have JSON protection
Thanks very helpful.
now failed crate
Hello Shay..... Hope you are doing well.... Your videos are very informative and I am looking for Check Point Cloud Security... Could you please share your mail/no.?
OpenSSH client is already installed on Windows 10 Pro and above by default ;)
Thank you for this
Hi Shay, can we get a link on how to use the azpeer.sh script to automatically create the peering via Bash CLI in Azure? The script you used at minute 1:06:05
How to further escalate it? To get business effects and bounty? Thanks
Please make beginner to advance level practical live website hacking, live website bug hunting, live website penetration testing, live website exploitation content video series... 🙏 😊 💯✌❤💚💙💜😍😘🤝
Hi Shay, I have created a similar setup in Azure, not the Check Point scale set but a Check Point high availability cluster similar to your southbound cluster. I am not able to do the source NAT (LocalGatewayInternal) that you created in your scale set model for port 2999 and 3000. If we remove the default route pointed towards the backend load balancer for the associated server subnets it stops working (meaning we cannot access the web page). So that means source NAT is not working as you showed in your setup. If you remove the default route pointing towards the backend LB of your Check Point scale set associated with the backend server subnet it will stop working. That means source NAT is not taking place. I am stuck here because in my production setup all servers have other default gateways and for some reason cannot point traffic to the backend LB. Source NAT is not working and hence I am stuck for some solution.
Hi, please post your issue on the Check Point community, under CloudGuard network. community.checkpoint.com/t5/CloudMates-Products/ct-p/CloudMatesProducts I will make sure your issue will be resolved
The link is not working
It will be up again tomorrow morning
Great
Thanks for the video...
Great news 😁👍
I really appreciated this walkthrough! Great job :)
i was wondering why aws does not simply enables bgp from an appliance that can inject the next hop to the routing table of the tgw and that's it . no need even for static routes etc. it will also solve all the "redundancy" issues and leave it clean... also those with less budget, will not have to use 2 firewalls. you could use only 1. this one will advertise more specific routes and when its gone, the traffic will fall back to "no fw state" where communication would keep smoothly. you would surely not need to use gwlb. nor anything else. or invent new features. plain old networking.
Hello Shay - great video. I am just missing one point - how TGW decides where to route the traffic from spokes, to TGW net 01 or TGW net 02 in Security VPC?
In a scenario without GWLB, using ClusterXL, a transit GW & two spoke VPCs, can you route inbound web traffic directly to your security VPC? Our load balancer is in our VPC & we are just using a N/S architecture. IOW, can you have an IGW on your security VPC? Then, your GW could terminate, decrypt, inspect, encrypt and route that to the appropriate VPC hosting your web server. I'm looking at using ClusterXL in my security VPC, not GWLB.
This is GOLD. Thanks Shay for recording that
I like the idea! How about a cloud service offering for the functionality?
Hi, where can I get an ACI simulator?
Thank you for your great video. Could you please explain how you connect the real world with your aci-sim VM? There are two VM interfaces, which is 192.168.10.0/24 only for the management interface. How do you make the Leaf-to-ACISIMvm interface binding? Thanx
Hi Deniz, the APIC SIM only simulates the APIC management side; there is no fabric on this SIM, so I can't show traffic.
Thank you for your prompt. I know there is no way to data path for traffic between hosts. But I know there is a way to connection for example vCenter or L4-L7 services or similar to out of box this simulator as described in Cisco's white papers. Description here: "The ACI Simulator includes simulated switches, so you cannot validate a data path. The simulator allows you to connect external management entities such as ESX servers, vCenters, vShields, bare metal servers, L4-L7 services, AAA systems, and other physical or virtual service appliances. In addition, the ACI Simulator allows simulation of faults and alerts to facilitate testing and to demonstrate features" I want to know how to connect this kind of boxes.
Hi, did you find out how to do it? I’m trying to connect a FortiGate to mine to manage inter-EPG communication with L4-7 features
@dkaydirak Watching this in 2024, and can't find a tutorial explaining how to connect the ACI simulator to an external network. Everyone on YouTube only explains ACI sim installation and initial setup.