https://github.com/anrbn/GCP-Attack-Defense

A Project dedicated to documenting various attack and detection vectors that can be encountered within Google Cloud Platform (GCP).
https://github.com/anrbn/GCP-Attack-Defense

cloud-security gcp gcp-functions gcp-security google-cloud-platform privilege-escalation

Last synced: about 2 months ago
JSON representation

A Project dedicated to documenting various attack and detection vectors that can be encountered within Google Cloud Platform (GCP).

• Host: GitHub
• URL: https://github.com/anrbn/GCP-Attack-Defense
• Owner: anrbn
• Created: 2023-03-03T07:00:04.000Z (almost 3 years ago)
• Default Branch: main
• Last Pushed: 2024-04-10T12:35:37.000Z (almost 2 years ago)
• Last Synced: 2024-06-09T12:25:27.001Z (over 1 year ago)
• Topics: cloud-security, gcp, gcp-functions, gcp-security, google-cloud-platform, privilege-escalation
• Language: Python
• Homepage:
• Size: 16.3 MB
• Stars: 57
• Watchers: 3
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-lists - Detection - GCP Attack - Defense

README

          


    

    
Google Cloud - Attack & Defense Research



This project is committed to documenting various attack and detection vectors that may be encountered within the Google Cloud Platform (GCP). By cataloging these potential security threats, the project aims to provide well documented research for users to better understand the attack and defense mechanism in Google Cloud. 

This project also hopes to aid professionals in further research on both Google Cloud.

## Tools

- [gLess](https://github.com/anrbn/gLess)

- [GATOR](https://github.com/anrbn/GATOR)

## Google Cloud (GCP)

- [Cloud Function](https://github.com/anrbn/GCP-Attack-Defense/tree/main/research/Google%20Cloud/Cloud%20Function)

    - [Privilege Escalation via Cloud Functions (ID: TA0004)](https://github.com/anrbn/GCP-Attack-Defense/blob/main/research/Google%20Cloud/Cloud%20Function/PrivEsc-via-CloudFunction.md)

    - [Defense Evasion via Source Code Concealment in Cloud Functions (ID: T1564)](https://github.com/anrbn/GCP-Attack-Defense/blob/main/research/Google%20Cloud/Cloud%20Function/DefEvn-via-Source-Code-Concealment.md)

- [Compute Engine](https://github.com/anrbn/GCP-Attack-Defense/tree/main/research/Google%20Cloud/Compute%20Engine)

    - [Persistance via SSH Key Addition (ID: TA0003)](https://github.com/anrbn/GCP-Attack-Defense/tree/main/research/Google%20Cloud/Compute%20Engine/Persistance-via-SSH-Key-Addition.md)

## Questions and Issues

If you have any questions regarding any materials in this project, please don't hesitate to reach out to me via [Twitter](https://twitter.com/corvuscr0w) or [LinkedIn](https://www.linkedin.com/in/anrbn/). I'm always happy to help and provide support. Additionally, if you come across any issues or mistakes while reading the materials/using the tools, please feel free to submit an issue on the GitHub repository, and I'll work on addressing it as soon as possible. Thank you for your support! :)