Table of Contents

• Domain-protect-gcp
• gcp_scanner
• gcpwn
• gcp_firewall_enum

Domain-protect-gcp

Similar from domain-protect, but from OWASP

(Detection of potential ATOs in a GCP project)

GitHub GitHub - domain-protect/domain-protect-gcp: Protect against subdomain takeoverDomai

gcp_scanner

GitHub GitHub - google/gcp_scanner: A comprehensive scanner for Google Cloud

(python, pip)

# Having a SA JSON "here" (./):
python3 scanner.py -k ./ -o output/

# Open the Visualizer tool
gcp-scanner-visualizer

Official docs: https://github.com/google/gcp_scanner/blob/main/visualization_tool/docs/USAGE.md

gcpwn

gcp_firewall_enum

VERY Useful:

• Enumerate Compute instances,
• Retrieve Firewall rules
• Match FW Rules with Compute instances with a table:

GitLab GitLab.com / GitLab Security Department / Security Operations Department / Red Team / Red Team Public / Tools / gcp_firewall_enum · GitLab