RhinoSecurityLabs' IAM Privilege Escalation in GCP repository on GitHub is a collection of methods for IAM privilege escalation in Google Cloud Platform (GCP), documented by the Rhino Security Labs team.
It includes two main components:
- PrivEscScanner Folder: This includes tools for enumerating permissions for all members in a GCP account and a scanner to identify privilege escalation vulnerabilities. It involves two steps: first, enumerating member permissions, and then checking for privilege escalation.
- ExploitScripts Folder: This contains scripts for each privilege escalation method covered, along with additional resources such as a Cloud Function and a Docker image for certain methods.
These components provide a comprehensive toolkit for identifying and addressing privilege escalation vulnerabilities in GCP environments.
Category: GCP - IAM