Checker

Tool to check publicly accessible GCP bucket

gcp-inspector

Tool to check publicly accessible GCP bucket.

What it does

  • Checks whether the GCP bucket from the list is publicly accessible or not.
  • Provides colored description in the cli.
    After creating a new project and enabling billing for it, open Cloud Shell and ensure that it points to the project you just created.

Prerequisites

GCP account with project.

  • Create a GCP account with project enabled
    • Install gsutil tool from the documentation or use pip.
    • Run “gsutil config” to configure shell. Else use “gcloud config set project [PROJECT_ID]” to set the project to any other project (external account for attacker’s perspective) for checking publicly accessible bucket.
    • Run “gsutil ls” to check the command is successful. This will list all the google buckets for

       

       

       

      To finish reading, please visit source site