agent security skill risk: medium
GCP Penetration Testing with GCPBucketBrute
Provides steps to enumerate GCP storage buckets with GCPBucketBrute, test permissions via TestIamPermissions, audit IAM bindings, check service account keys, identify privilege esc…
- Policy sensitive
- Human review
- External action: medium
SKILL 4 files · 2 folders
SKILL.md
---
name: performing-gcp-penetration-testing-with-gcpbucketbrute
description: "Perform GCP security testing using GCPBucketBrute for storage bucket enumeration, gcloud IAM privilege escalation"
---

# Performing GCP Penetration Testing with GCPBucketBrute

## Overview

This skill covers Google Cloud Platform security testing using GCPBucketBrute for storage bucket enumeration and access permission testing, combined with gcloud CLI IAM enumeration to identify privilege escalation paths. The approach tests for publicly accessible buckets, overly permissive IAM bindings, and service account key exposure.

## When to Use

- When conducting security assessments that involve GCP penetration testing with GCPBucketBrute
- When following incident response procedures for related security events
- When performing scheduled security testing or auditing activities
- When validating security controls through hands-on testing

## Prerequisites

- Python 3.8+ with the google-cloud-storage library
- GCPBucketBrute installed from the RhinoSecurityLabs GitHub repository
- gcloud CLI authenticated with test credentials
- Authorized penetration testing scope for the target GCP project
- google-api-python-client and google-auth libraries

## Steps

1. **Enumerate Storage Buckets** — Use GCPBucketBrute with keyword permutations to discover accessible GCP storage buckets
2. **Test Bucket Permissions** — Call the TestIamPermissions API on each discovered bucket to determine read/write/admin access levels
3. **Audit IAM Bindings** — Enumerate project-level IAM policies to identify overly permissive role bindings
4. **Check Service Account Keys** — Identify service accounts with user-managed keys and test for privilege escalation via impersonation
5. **Test Privilege Escalation Paths** — Check for iam.serviceAccounts.actAs, setIamPolicy, and other privilege escalation vectors
6. **Generate Findings Report** — Produce a structured security assessment with risk severity ratings

## Expected Output

- JSON report of discovered buckets with permission levels
- IAM privilege escalation path analysis
- Service account security assessment
- Risk-scored findings with remediation recommendations
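Steps 3, 5 and 6 worked through as an added example (not part of this skill, nor of GCPBucketBrute or gcloud): it audits a project IAM policy in the JSON shape that `gcloud projects get-iam-policy PROJECT --format=json` returns, flags public principals and roles that carry actAs/impersonation or setIamPolicy-level power, and emits risk-scored findings with remediation. The policy below is constructed sample data, and the role-to-severity table is this example's own assumption, not a GCP-supplied rating.

```python
import json

# Constructed sample of `gcloud projects get-iam-policy PROJECT --format=json` output.
SAMPLE_POLICY = {
    "bindings": [
        {"role": "roles/owner", "members": ["user:alice@example.com"]},
        {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
        {"role": "roles/iam.serviceAccountTokenCreator",
         "members": ["serviceAccount:ci@example-project.iam.gserviceaccount.com"]},
        {"role": "roles/viewer", "members": ["group:devs@example.com"]},
    ]
}

# Assumed severity table: roles whose grant is itself a finding because they
# allow policy changes, impersonation (actAs / token minting) or key creation.
RISKY_ROLES = {
    "roles/owner": ("HIGH", "Basic role grants full control including setIamPolicy"),
    "roles/editor": ("HIGH", "Basic role grants broad write access"),
    "roles/iam.serviceAccountTokenCreator": ("HIGH", "Allows minting service account tokens (impersonation)"),
    "roles/iam.serviceAccountUser": ("MEDIUM", "Grants iam.serviceAccounts.actAs on service accounts"),
    "roles/iam.serviceAccountKeyAdmin": ("HIGH", "Allows creating user-managed service account keys"),
}
PUBLIC_PRINCIPALS = {"allUsers", "allAuthenticatedUsers"}
SEVERITY_ORDER = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3}


def audit_iam_policy(policy):
    """Return risk-scored findings (most severe first) for a project IAM policy dict."""
    findings = []
    for binding in policy.get("bindings", []):
        role, members = binding["role"], binding.get("members", [])
        public = sorted(m for m in members if m in PUBLIC_PRINCIPALS)
        if public:  # any role granted to the public is the top-severity finding
            findings.append({"severity": "CRITICAL", "role": role, "members": public,
                             "issue": "Role granted to a public principal",
                             "remediation": "Remove the public member and grant only explicit identities"})
        if role in RISKY_ROLES:
            severity, issue = RISKY_ROLES[role]
            findings.append({"severity": severity, "role": role, "members": members,
                             "issue": issue,
                             "remediation": "Apply least privilege: use narrowly scoped predefined roles"})
    findings.sort(key=lambda f: SEVERITY_ORDER[f["severity"]])  # stable: keeps binding order within a tier
    return findings


def report_json(policy):
    """Serialise findings in the JSON report shape the skill's Expected Output asks for."""
    return json.dumps({"findings": audit_iam_policy(policy)}, indent=2)


if __name__ == "__main__":
    print(report_json(SAMPLE_POLICY))
```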
REQUIRED CONTEXT
- authorized penetration testing scope for target GCP project
- gcloud CLI authenticated with test credentials
EXPECTED OUTPUT
- Format: markdown
- Schema: bullet_list · JSON report of discovered buckets with permission levels, IAM privilege escalation path analysis, Service account security assessment, Risk-scored findings with remediation recommendations
- Constraints
  - list prerequisites and steps
  - produce JSON report of buckets and IAM findings
  - include risk-scored findings with remediation
SUCCESS CRITERIA
- Produce JSON report of discovered buckets with permission levels
- Provide IAM privilege escalation path analysis
- Deliver service account security assessment
- Include risk-scored findings with remediation recommendations
CAVEATS
- Dependencies
  - Python 3.8+ with google-cloud-storage library
  - GCPBucketBrute installed from RhinoSecurityLabs GitHub
  - gcloud CLI authenticated with test credentials
  - Authorized penetration testing scope for target GCP project
  - google-api-python-client and google-auth libraries
- Missing context
  - Exact command examples or parameters for GCPBucketBrute and gcloud
  - Target project or bucket naming conventions
QUALITY
- OVERALL: 0.68
- CLARITY: 0.85
- SPECIFICITY: 0.60
- REUSABILITY: 0.55
- COMPLETENESS: 0.70
IMPROVEMENT SUGGESTIONS
- Add concrete CLI invocation examples under each step
- Specify the exact JSON schema for the expected report output
USAGE
Copy the prompt above and paste it into your AI of choice — Claude, ChatGPT, Gemini, or anywhere else you're working. Replace any placeholder sections with your own context, then ask for the output.