Dive into a comprehensive 51-minute conference talk from BSidesSF 2022 exploring red team engagements in Google Cloud Platform (GCP). Learn advanced techniques for adversary simulations, including initial access, persistence methods, privilege escalation, and leveraging Google's products for command and control. Discover strategies for manipulating firewall rules, compute instances, and abusing Key Management Service and Google Cloud Storage for data decryption and exfiltration. Gain valuable insights into cloud security from experts Brad Richardson and Madhav Bhatt as they guide you through the intricacies of securing GCP environments against sophisticated attacks.
So You Think You Can Secure Your Cloud - Red Team Engagements in GCP
Security BSides San Francisco via YouTube
Overview
Syllabus
Intro
DISCLAIMER!!
GCP 101
Persistence via SSH Key
Persistence via Service Account
Persistence via Start-up Script
SSH via Browser
Continued: Persistence on Project
Persistence on Organization
Enter gepHound
Privilege Escalation and Persistence
Continued: Command & Control
Continued: Lateral Movement
Data Exfiltration
Data Decryption
Closing Remarks
Questions ..!!??
Taught by
Security BSides San Francisco
