GATOR – GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments.
It offers a comprehensive range of modules tailored to support users in various attack stages, spanning from Reconnaissance to Impact.
Resource Category | Primary Module | Command Group | Operation | Description |
---|---|---|---|---|
User Authentication | auth | – | activate | Activate a Specific Authentication Method |
– | add | Add a New Authentication Method | ||
– | delete | Remove a Specific Authentication Method | ||
– | list | List All Available Authentication Methods | ||
Cloud Functions | functions | – | list | List All Deployed Cloud Functions |
– | permissions | Display Permissions for a Specific Cloud Function | ||
– | triggers | List All Triggers for a Specific Cloud Function | ||
Cloud Storage | storage | buckets | list | List All Storage Buckets |
permissions | Display Permissions for Storage Buckets | |||
Compute Engine | compute | instances | add-ssh-key | Add SSH Key to Compute Instances |
Python 3.11 or newer should be installed. You can verify your Python version with the following command:
python --version
git clone https://github.com/anrbn/GATOR.git
cd GATOR
python setup.py install
pip install gator-red
Have a look at the GATOR Documentation for an explained guide on using GATOR and it’s module!
If you encounter any problems with this tool, I encourage you to let me know. Here are the steps to report an issue:
Your feedback is important, and will help improve the tool. I appreciate your contribution!
I’ll be reviewing reported issues on a regular basis and try to reproduce the issue based on your description and will communicate with you for further information if necessary. Once I understand the issue, I’ll work on a fix.
Please note that resolving an issue may take some time depending on its complexity. I appreciate your patience and understanding.
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…