Google Cloud - Attack & Defense Research

This project is committed to documenting various attack and detection vectors that may be encountered within the Google Cloud Platform (GCP). By cataloging these potential security threats, the project aims to provide well documented research for users to better understand the attack and defense mechanism in Google Cloud.

This project also hopes to aid professionals in further research on both Google Cloud.

Tools

• gLess
• GATOR

Google Cloud (GCP)

• Cloud Function
  • Privilege Escalation via Cloud Functions (ID: TA0004)
  • Defense Evasion via Source Code Concealment in Cloud Functions (ID: T1564)
• Compute Engine
  • Persistance via SSH Key Addition (ID: TA0003)

Questions and Issues

If you have any questions regarding any materials in this project, please don't hesitate to reach out to me via Twitter or LinkedIn. I'm always happy to help and provide support. Additionally, if you come across any issues or mistakes while reading the materials/using the tools, please feel free to submit an issue on the GitHub repository, and I'll work on addressing it as soon as possible. Thank you for your support! :)