GCP IAM Brute is a tool that leverages the testIamPermissions feature in Google Cloud Platform (GCP) to perform fuzz testing for different permissions within GCP.
This tool is designed to explore and test the IAM (Identity and Access Management) permissions of roles in a Google Cloud project. By utilizing the testIamPermissions API endpoint, it fuzzes various permissions to identify potential security vulnerabilities or misconfigurations.
-
Role Definition Files:
- GCP IAM Brute processes JSON files containing role definitions.
- Each file represents a role and includes the list of permissions (
includedPermissions).
-
testIamPermissionsAPI Endpoint:- The tool constructs a request payload with the extracted permissions for each role.
- It sends a request to the
testIamPermissionsAPI endpoint for the specified GCP project.
-
Response Analysis:
- The tool examines the API response to identify successful permissions and potential issues.
- If a response indicates a problem or if permissions are empty, the role is flagged for further investigation.
To use GCP IAM Brute, follow these steps:
- Clone the repository:
git clone https://github.com/hac01/gcp-iam-brute.git
- Install dependencies
pip3 install -r requirements.txt
- Run the tool
python3 main.py --access-token YOUR_GCP_API_ACCESS_TOKEN --project-id YOUR_GCP_PROJECT_ID --service-account-email YOUR_SERVICE_ACCOUNT_EMAIL
This tool should be used responsibly and only on systems that you have permission to test. Always follow ethical hacking principles and comply with applicable laws and regulations.
The role definitions used in this project were sourced from iam-dataset by iann0036.
We appreciate their work in providing a valuable collection of IAM (Identity and Access Management) roles. Please check out their repository for more details.