GCP Assessment
CLI
# Get current logged in account
gcloud config get-value account
# List roles and bindings — project level
gcloud projects get-iam-policy <project>
# Get roles and bindings for a compute instance (instance-level IAM policy)
gcloud compute instances get-iam-policy <compute_instance_name> --zone <zone>
# Describe Role in terms of granular permissions
gcloud iam roles describe <role> --project <project>
# ScoutSuite
python3 scout.py gcp --user-account | tee <client>.scoutsuite
Priv Esc Learning Resources
Tutorial on privilege escalation and post exploitation tactics in Google Cloud Platform environments | GitLab
Google Cloud Platform (GCP) Service Account-based Privilege Escalation paths - Praetorian
Lateral Movement & Privilege Escalation in GCP; Compromise Organizations without Dropping an Implant - YouTube
RhinoSecurityLabs/GCP-IAM-Privilege-Escalation: A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team. (github.com)
GCP Pentesting - HackTricks Cloud