Hi my name is Shannon and I am a consultant focusing on GCP. Finding GCP offensive security resources was hard so I put them all together so no one else has to search for hours.

The purpose of this page is to provide useful tools and resources to anyone who wants to learn offensive GCP security. PM me on twitter @_shannon_mchale if you think something else should be included!

• https://github.com/priyankavergadia/google-cloud-4-words

• https://cloud.hacktricks.xyz/pentesting-cloud/gcp-pentesting

• https://github.com/RhinoSecurityLabs/GCPBucketBrute

• https://github.com/initstring/cloud_enum

• https://github.com/oldrho/ip2provider

• https://grayhatwarfare.com/

• https://github.com/nccgroup/ScoutSuite

• https://github.com/darkbitio/gcp-iam-role-permissions

• https://github.com/bartcode/gcp-iam-viz

• https://github.com/lyft/cartography

• https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_misc

• https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_firewall_enum

• https://github.com/NotSoSecure/cloud-service-enum

• https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation

• https://github.com/dxa4481/gcploit

• https://github.com/google/gcp_scanner

• https://github.com/carlospolop/PurplePanda

• https://github.com/rek7/patchy

• https://pwnedlabs.io

• https://cyberwarfare.live

• https://github.com/ine-labs/GCPGoat

• https://thunder-ctf.cloud/

• https://book.hacktricks.xyz/cloud-security/gcp-security

• https://about.gitlab.com/blog/2020/02/12/plundering-gcp-escalating-privileges-in-google-cloud-platform/

• https://irsl.medium.com/the-speckle-umbrella-story-part-2-fcc0193614ea

• https://mbrancato.github.io/2021/12/28/rce-dataflow.html

• https://desi-jarvis.medium.com/gcphound-a-swiss-army-knife-offensive-toolkit-for-google-cloud-platform-gcp-fb9e18b959b4

• https://89berner.medium.com/persistant-gcp-backdoors-with-googles-cloud-shell-2f75c83096ec

• https://cloudsecdocs.com/gcp/offensive/attacks/writeups/

• https://github.com/dxa4481/AttackingAndDefendingTheGCPMetadataAPI

• https://www.netskope.com/blog/gcp-oauth-token-hijacking-in-google-cloud-part-1

• https://medium.com/@tomaszwybraniec/google-cloud-platform-pentest-notes-service-accounts-b960dc59d93a

• https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/

• https://jryancanty.medium.com/stop-downloading-google-cloud-service-account-keys-1811d44a97d9

• https://kloudle.com/academy/escalating-privileges-in-google-cloud-from-app-to-cloud-access/

• https://www.praetorian.com/blog/google-cloud-platform-gcp-service-account-based-privilege-escalation-paths/

• https://infosecwriteups.com/enumeration-and-lateral-movement-in-gcp-environments-c3b82d342794

• https://infosecwriteups.com/gcp-inspector-auditing-publicly-exposed-gcp-bucket-ac6cad55618c

• https://expel.com/blog/incident-report-spotting-an-attacker-in-gcp/

• https://www.mitiga.io/blog/google-cloud-platform-exfiltration-a-threat-hunting-guide

• Google Cloud Post-Exploitation Tactics & Techniques (BSides 2020 "Plundering GCP" Talk)
• IAM Concerned: OAuth Token Hijacking in Google Cloud (GCP)
• Compromise any GCP Org Via Cloud API Lateral Movement and Privilege Escalation
• The GCP Metadata API
• Can I hack GCP?
• Instant Threat Modeling - GCP
• May The Cloud Be With You

• https://github.com/pumasecurity/serverless-prey/tree/main/cheetah - Cloud Function reverse shell

• https://github.com/rigup/ephemeral-iam A CLI tool for temporarily escalating GCP IAM privileges to perform high privilege tasks.
• https://www.trendmicro.com/cloudoneconformity/knowledge-base/gcp/
• https://expel.com/wp-content/uploads/2022/08/Expel-GCP-mind-map-kit-080422.pdf
• https://github.com/log2timeline/dftimewolf/blob/main/docs/user-manual.md