GCPRecon is a tool written in python, which helps to fetch all publicly available Data from provided GCP Account, using Service Account Credentials.
There are not many tools available which are covering all the produts of Google Cloud Platforms. This motivates me to build GCPRecon for Security Researchers, which can come handy while doing Audits/Pentesting.
- Compute Engine
- App Engine
- Kubernetes Engine
- CloudSQL
- Cloud Storage
git clone https://github.com/SecTheBit/GCPRecon
pip install requirements.txt
Give Required Permissions to Service Account
- roles/appengine.appViewer
- roles/compute.viewer
- roles/cloudsql.viewer
- roles/container.viewer
- roles/iam.securityReviewer
python3 GCPRecon.py --credentials <path to service account file>
- Currently it Supports only xlsx and csv format.
- Go to https://console.cloud.google.com
- Log in to your GCP Account
- Click on Hamburger icon on left hand side and select "IAM & Admin"
- Click on Grant Access
- In principal box , select your GCP Service Account
- Go to Roles and select following roles (Only Read Access will be Required)
- App Engine Viewer
- Cloud SQL Viewer
- Compute Viewer
- Kubernetes Engine Viewer
- IAM Security Reviewer