This tool automates penetration testing of Google Cloud Platform (GCP) environments. It detects zero-days, misconfigurations, privilege escalations, and credential leaks to help security teams enhance cloud security.
- Zero-Day Attack Detection β Identifies risky API permissions and unknown vulnerabilities.
- Threat Intelligence Integration β Fetches real-time CVEs and security alerts.
- Misconfiguration Scanning β Detects public storage buckets, weak IAM roles, and exposed services.
- Cloud Privilege Escalation β Finds ways to escalate access in GCP.
- Exploit Framework β Loads external Python exploit modules dynamically.
- Credential Dumping β Extracts exposed API keys, tokens, and secrets.
- Evasion Techniques β Bypasses GCP logging and security monitoring.
- Automated HTML Reporting β Saves findings in a structured security report.
- Python 3.8+
- GCP Service Account Key (with security permissions)
- Google Cloud SDK (for optional manual verification)
- Clone this repository:
git clone https://github.com/<your-username>/gcp-pentest-toolkit.git cd gcp-pentest-toolkit
- Install dependencies:
pip install -r requirements.txt
- Set up GCP credentials:
- Place your service account key JSON in the project directory.
- Export it for authentication:
export GOOGLE_APPLICATION_CREDENTIALS="path/to/service-account.json"
Run the tool interactively:
python gcp_pentest_toolkit.py| Option | Description |
|---|---|
1 |
Detect Zero-Day Attack Vectors |
2 |
Fetch Latest Threat Intelligence |
3 |
Load Exploit Plugins |
4 |
Test Evasion Techniques |
5 |
Run All Tests |
6 |
Exit |
[*] Running Zero-Day Attack Vector Detection...
[!] Potentially risky APIs detected: ['cloudadmin.googleapis.com']
[*] Fetching latest threat intelligence...
[!] New CVE Found: CVE-2025-XXXX - Privilege escalation in Google IAM
[*] Loading exploit plugins...
[+] Found exploit module: exploit_storage_misconfig.py
[*] Testing evasion techniques...
[+] Evasion command executed: export GOOGLE_CLOUD_DISABLE_TELEMETRY=1
πΉ Report saved: gcp_pentest_report_YYYY-MM-DD_HH-MM-SS.html
π¨ This tool is intended for educational and authorized security testing only. Unauthorized use against GCP environments you do not own is illegal. Use responsibly.