| cloudfox |
- Helps gaining situational awareness in unfamiliar cloud environments and finding exploitable attack paths
- Introducing: CloudFox
|
| gcpdiag |
- Diagnostics tool for GCP
- It finds and helps to fix common issues in GCP projects, against a wide range of best practices and frequent mistakes
|
| ScoutSuite |
- Multi-cloud security auditing tool
- Permissions:
Viewer, Security Reviewer, Stackdriver Account Viewer - Enable
Service Usage API - Usage:
docker run --rm -it -v ~/creds/:/creds -v $(pwd)/:/src/ rossja/ncc-scoutsuite scout --provider gcp --service-account --key-file service_account.json --project-id <projectID>
|
| CS-Suite |
- Auditing the security posture of AWS/GCP/Azure infrastructure
- Permissions:
Viewer, Security Reviewer, Stackdriver Account Viewer - Usage:
docker run --rm -it -v ~/creds/:/creds -v $(pwd)/:/src/ securityftw/cs-suite -env gcp -pId <project_name>
|
| GCP CIS Benchmark Inspec Profile |
- Usage:
inspec exec https://github.com/GoogleCloudPlatform/inspec-gcp-cis-benchmark.git -t gcp:// --input gcp_project_id=<YOUR_PROJECT_ID>
|
| cloudlist |
- Obtain public assets (hostnames, IPs)
|
| gcptree |
- Like the unix
tree command but for GCP Org hierarchy
|
| GCP Cloud Asset Inventory |
- Use Cloud Asset Inventory to search for all your resources globally
- Example:
gcloud asset search-all-resources --asset-types='storage.googleapis.com/Bucket' --limit 2
|
| gcp_scanner |
- A GCP resource scanner that can help determine what level of access certain credentials posses on GCP
|