Cloud Security
GCP Pentesting
Google Cloud Platform (GCP) assessments focus on IAM service accounts, Cloud Storage buckets, Compute Engine instances, and Cloud Functions.
Initial Access & Enumeration
GCloud CLI authentication.
bash
gcloud auth login
gcloud auth activate-service-account --key-file=key.jsonCurrent configuration.
bash
gcloud config list
gcloud auth listProject enumeration.
bash
gcloud projects list
gcloud config set project PROJECT_IDIAM enumeration.
bash
gcloud iam service-accounts list
gcloud projects get-iam-policy PROJECT_IDCompute instances.
bash
gcloud compute instances list
gcloud compute instances describe INSTANCE_NAME --zone=ZONEStorage buckets.
bash
gsutil ls
gsutil ls gs://bucket-name/
gsutil cat gs://bucket-name/file.txtCheck public buckets.
bash
curl https://storage.googleapis.com/bucket-name/Cloud Functions.
bash
gcloud functions list
gcloud functions describe FUNCTION_NAMESecrets.
bash
gcloud secrets list
gcloud secrets versions access latest --secret="secret-name"GCP Metadata Service.
bash
curl -H "Metadata-Flavor: Google" http://169.254.169.254/computeMetadata/v1/
curl -H "Metadata-Flavor: Google" http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/tokenGCP Tools
GCPBucketBrute
EnumerationA script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
Installation
bash
python3 gcpbucketbrute.pygcp_enum
EnumerationBash script to enumerate GCP resources and export results.
Installation
bash
./gcp_enum.shHayat
ExploitationA tool for identifying privilege escalation paths in GCP IAM.
Installation
bash
go install github.com/DenizParlak/Hayat@latestgcloud CLI
ClientThe official command-line tool for Google Cloud. Essential for manual testing.
Installation
bash
brew install --cask google-cloud-sdk