dxa4481/gcploit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

dxa4481/gcploit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/dxa4481/gcploit)

Close

dxa4481 / gcploitView on GitHubMore

• External links
• Readme badge

These are tools we released with our 2020 defcon/blackhat talk https://www.youtube.com/watch?v=Ml09R38jpok

☆174Feb 6, 2025Updated last year

Alternatives and similar repositories for gcploit

Users that are interested in gcploit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• allisonis / gcp-iam-sentinel-examples

  View on GitHub
  ☆28Aug 6, 2020Updated 5 years ago
• dxa4481 / AttackingAndDefendingTheGCPMetadataAPI

  View on GitHub
  This repo gives an overview of some GCP metadata API attack and defend patterns
  ☆78Mar 23, 2020Updated 6 years ago
• RhinoSecurityLabs / GCP-IAM-Privilege-Escalation

  View on GitHub
  A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
  ☆419Oct 6, 2025Updated 6 months ago
• bgeesaman / kube-env-stealer

  View on GitHub
  Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env
  ☆102Sep 10, 2019Updated 6 years ago
• BishopFox / dufflebag

  View on GitHub
  Search exposed EBS volumes for secrets
  ☆302Apr 24, 2023Updated 3 years ago
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• spotify / terraform-google-grr

  View on GitHub
  A Terraform module for GRR: the distributed incident forensics and response framework
  ☆52May 6, 2020Updated 5 years ago
• google / gcp_scanner

  View on GitHub
  A comprehensive scanner for Google Cloud
  ☆357Dec 5, 2025Updated 4 months ago
• oldrho / ip2provider

  View on GitHub
  Resolves an IP address to the cloud provider it is hosted on
  ☆105Apr 22, 2026Updated last week
• xorrior / goesf

  View on GitHub
  Golang command line tool for the macOS Endpoint Security Framework
  ☆29Nov 25, 2019Updated 6 years ago
• RhinoSecurityLabs / GCPBucketBrute

  View on GitHub
  A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
  ☆561May 26, 2023Updated 2 years ago
• NetSPI / gcpwn

  View on GitHub
  Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…
  ☆292May 16, 2025Updated 11 months ago
• ncc-erik-steringer / Aerides

  View on GitHub
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Jan 18, 2022Updated 4 years ago
• Algbra-Labs-OSS / Chronicle

  View on GitHub
  ☆65May 21, 2024Updated last year
• antman1p / G-Calisher

  View on GitHub
  This program will connect to Google's API using an access token and inject a calendar event into a target's calendar.
  ☆17Oct 9, 2019Updated 6 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• C-h4ck-0 / Kubernetes-DNS-spoofing-POC

  View on GitHub
  Proof-of-Concept python script that implements DNS spoofing attack in Kubernetes environment from a pod located on a Worker server
  ☆15Feb 4, 2021Updated 5 years ago
• grapesfrog / GAI-is-going-well

  View on GitHub
  This is a curated collection of articles and research papers related to the unexpected or unwanted outcomes , security & privacy ri…
  ☆11Dec 17, 2025Updated 4 months ago
• nccgroup / SFPolDevChk

  View on GitHub
  Salesforce Policy Deviation Checker
  ☆30Sep 30, 2020Updated 5 years ago
• SygniaLabs / security-cloud-scout

  View on GitHub
  ☆141Mar 29, 2023Updated 3 years ago
• Netflix-Skunkworks / cloudtrail-anomaly

  View on GitHub
  ☆83Dec 5, 2019Updated 6 years ago
• GoogleCloudPlatform / active-assist

  View on GitHub
  ☆25Jun 27, 2024Updated last year
• subgraph / go-seccomp

  View on GitHub
  Go support for parsing, compiling, and installing Chromium OS Seccomp-BPF policy files.
  ☆12Mar 21, 2016Updated 10 years ago
• disruptops / assess_network

  View on GitHub
  Assess certain AWS network configurations
  ☆12Aug 22, 2018Updated 7 years ago
• GoogleCloudPlatform / security-response-automation

  View on GitHub
  Take automated actions against threats and vulnerabilities.
  ☆215Sep 14, 2023Updated 2 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• Littlehack3r / awesome-gcp-pentesting

  View on GitHub
  Tools and blogs I use to perform GCP red teams
  ☆142Jul 23, 2024Updated last year
• ReversecLabs / awspx

  View on GitHub
  A graph-based tool for visualizing effective access and resource relationships in AWS environments.
  ☆1,004Oct 4, 2022Updated 3 years ago
• SummitRoute / aws_exposable_resources

  View on GitHub
  Resource types that can be publicly exposed on AWS
  ☆331Feb 23, 2022Updated 4 years ago
• dsnezhkov / deepsea

  View on GitHub
  DeepSea Phishing Gear
  ☆122Jul 20, 2020Updated 5 years ago
• GoogleCloudPlatform / inspec-gke-cis-benchmark

  View on GitHub
  GKE CIS 1.1.0 Benchmark InSpec Profile
  ☆25Sep 7, 2021Updated 4 years ago
• secgroundzero / hashslack

  View on GitHub
  Small utility script to notify via Slack about Hashcat's progress during a password cracking session
  ☆10Mar 10, 2019Updated 7 years ago
• cedowens / SwiftBelt

  View on GitHub
  A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens
  ☆342Apr 28, 2022Updated 4 years ago
• rek7 / patchy

  View on GitHub
  Automated Persistence and Lateral Movement using GCP Patch Management
  ☆16Aug 11, 2022Updated 3 years ago
• wavestone-cdt / Invoke-CleverSpray

  View on GitHub
  Password Spraying Script detecting current and previous passwords of Active Directory User
  ☆66Sep 9, 2021Updated 4 years ago
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• projectdiscovery / cloudlist

  View on GitHub
  Cloudlist is a tool for listing Assets from multiple Cloud Providers.
  ☆1,019Apr 20, 2026Updated last week
• ReconInfoSec / adversary-emulation-map

  View on GitHub
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆17Sep 4, 2021Updated 4 years ago
• nccgroup / ccs

  View on GitHub
  ☆114Jun 8, 2023Updated 2 years ago
• RhinoSecurityLabs / dsnap

  View on GitHub
  Utility for downloading and mounting EBS snapshots using the EBS Direct API's
  ☆93Mar 17, 2025Updated last year
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,203Apr 21, 2026Updated last week
• domain-protect / domain-protect-gcp

  View on GitHub
  Protect against subdomain takeover
  ☆95Updated this week
• carnal0wnage / weirdAAL

  View on GitHub
  WeirdAAL (AWS Attack Library)
  ☆841Jan 13, 2025Updated last year