search

GCP

GCP Pentesting

hashtag
Initial Access

hashtag
Google Search

Cloudchevron-right

hashtag
Misconfiguration

LogoGitHub - pwnedlabs/automated-cloud-misconfiguration-testing: Automated Cloud Misconfiguration TestingGitHubchevron-right

hashtag
CLI Recon

hashtag
Projects

IDs of projects available in account

hashtag
Buckets

List the identifier of each storage bucket created for the project

IAM members associated with the bucket - "allUsers or "allAuthenticatedUsers", the bucket is publicly available

hashtag
BigQuery

List the identifier of each BigQuery Dataset created for the project

If one or more rules are "allUsers or "allAuthenticatedUsers", the dataset is publicly available

hashtag
VM Instances

List all the VM available for the project

IAM members associated with the VM - "allAuthenticatedUsers", the VM is publicly shared with all others GCP accounts

Creat new image

View image

hashtag
KMS

List the IDs of all the KMS key rings available in account

List the resource ID of each KMS key created for the key ring

"allUsers or "allAuthenticatedUsers", the KMS key is publicly available

hashtag
SQL DB

Name of each SQL DB for the project

IAM members associated - 0.0.0.0/0 : DB is publicly accessible

hashtag
Resources

LogoPage not found - HackTricks Cloudcloud.hacktricks.xyzchevron-right
LogoDefault Account Information - Hacking The Cloudhackingthe.cloudchevron-right
PreviousResourcesNextKubernetes

Last updated