[tags]google,cloud,scanner[/tags]
[short_descr]A comprehensive scanner for Google Cloud.[/short_descr]
[link] https://github.com/google/gcp_scanner [/link]
[long_descr]
This is a GCP resource scanner that can help determine what level of access certain credentials possess on GCP. The scanner is designed to help security engineers evaluate the impact of a VM/container compromise or of a leaked GCP service account key or OAuth2 token.
Currently, the scanner supports the following GCP resources:
GCE
GCS
GKE
App Engine
Cloud SQL
BigQuery
Spanner
Pub/Sub
Cloud Functions
BigTable
CloudStore
KMS
Cloud Services
The scanner supports service account (SA) impersonation.
The scanner supports extracting and using the following types of credentials:
GCP VM instance metadata;
User credentials stored in gcloud profiles;
OAuth2 Refresh Token with cloud-platform scope granted.
The scanner does not rely on any third-party tool (e.g. gcloud). Thus, it can be compiled as a standalone tool and used on a machine with no GCP SDK installed (e.g. a Kubernetes pod). [/long_descr] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/dca2049e4b8f390aea5bf0f8f98317b1.png [/image] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/bc44af73029fdb9ac96a4faf1f375aec.png [/image]