Google Cloud Platform Security Testing and Auditing Solutions

The following is a list of tools developed for security testing and auditing of Google Cloud Platform environments. Each tool is presented with its respective GitHub description.

GCPBucketBrute

A script to enumerate Google Storage buckets, determine what access is enabled, and determine if they can be privilege escalated.

Detailed information and setup information: https://github.com/RhinoSecurityLabs/GCPBucketBrute

GCP IAM Collector

Python scripts for collecting and visualizing Google Cloud Platform IAM permissions

Detailed information and setup information: https://github.com/marcin-kolda/gcp-iam-collector

PurplePanda

This tool fetches resources from different cloud/SaaS applications, focusing on permissions, in order to identify privilege escalation paths and dangerous permissions in the cloud/SaaS configurations.

Detailed information and setup information: https://github.com/carlospolop/PurplePanda

GCP Firewall Enum

This tool analyzes the output of several gcloud commands to determine which compute instances have network ports exposed to the public Internet.

Detailed information and setup information: https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_firewall_enum