research:
Google Cloud: Privilege Escalation via Cloud Functions
Google Cloud: Persistance via SSH Key Addition (ID: TA0003)
Google Cloud: Enumerating Role Based Access Controls (RBAC)
tools:
gator - gcp attack toolkit for offensive research, a tool designed to aid in research and exploiting google cloud environments.
gless - eliminates unnecessary permissions and leverages gRPC for direct Cloud Function API interaction.
| gator | gcp attack toolkit for offensive research, a tool designed to aid in research and exploiting google cloud environments. |
|---|---|
| gless | eliminates unnecessary permissions and leverages gRPC for direct Cloud Function API interaction. |