Resources

Enum

Tool	Description
UpdateCloudIPs	Collects the latest IP addresses used by AWS/GCP/Azure Full list for GCP: https://cloud.google.com/compute/docs/faq#ipranges
cloud_enum	Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and GCP Usage: python cloudenum.py -k keyword
cloud-service-enum	Cloud Services Enumeration
cloudlist	Obtain public assets (hostnames, IPs)

Exploitation

Tool	Description
GCP BucketBrute	Enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated Usage: $ python3 gcpbucketbrute.py -k <KEYWORD> -f <sa-priv-key.pem> -o ./out.txt
CCAT	Cloud Container Attack Tool (CCAT) A tool for testing security of container environments (ECS, EKS, and ECR)
PrivEscScanner	Scan your project hierarchy for all permissions granted to all members, then check for privilege escalation vulnerabilities