GCP Assessement

Automated

• carlospolop/PurplePanda: Identify privilege escalation paths within and across different clouds (github.com)

CLI

# Get current logged in account
gcloud config get-value account

# List roles and bindings — project level
gcloud projects get-iam-policy <project>

# Get role for compute instance
gcloud projects get-iam-policy <compute_instance_name>

# Describe Role in terms of granular permissions
gcloud iam roles describe <role> --project <project> 

# Scoutesuite
python3 scout.py gcp --user-account | tee <client>.scoutsuite

Priv Esc Learning Resources

• Tutorial on privilege escalation and post exploitation tactics in Google Cloud Platform environments | GitLab
• Google Cloud Platform (GCP) Service Account-based Privilege Escalation paths - Praetorian
• Lateral Movement & Privilege Escalation in GCP; Compromise Organizations without Dropping an Implant - YouTube
• RhinoSecurityLabs/GCP-IAM-Privilege-Escalation: A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team. (github.com)
• GCP Pentesting - HackTricks Cloud

Hardening Resources

GCP Best practices | GitLab