Browse by type
🚀 Advanced GCP Attack Surface Analysis & Privilege Escalation Discovery
Visualize complex GCP attack paths with the power of BloodHound
GCP-Hound's BloodHound-compatible graph export feature relies on the excellent bhopengraph library by @p0dalirius.
Many thanks to the author for providing an easy, schema-flexible way to generate and export complex attack graphs!
GCP-Hound is an open-source security enumeration and privilege escalation discovery tool designed specifically for Google Cloud Platform environments. Built to integrate seamlessly with BloodHound's OpenGraph framework, it transforms complex GCP IAM relationships into interactive attack graphs.
This project began as a personal learning journey into GCP-focused penetration testing and red teaming techniques. While GCP-Hound already provides substantial reconnaissance and analysis capabilities, it remains a work-in-progress tool that will continue evolving with new features and improvements over time.
The tool may currently lack many advanced features, but I'm committed to gradually improving and expanding its capabilities based on community feedback and real-world testing scenarios.
Search Functionality: The BloodHound Community Edition UI currently does not support search for custom start/end nodes with GCP data. Analysis must be performed via direct Cypher queries. This is a limitation of the BloodHound platform, not GCP-Hound, and will be addressed if native support becomes available. - API Coverage: GCP-Hound relies on Google Cloud APIs for enumeration. Some APIs or services may be disabled in target projects by default, resulting in partial data collection. Enabling additional APIs (e.g., via the gcloud CLI) may improve coverage, but this tool is strictly read-only and does not modify cloud configurations. - - User and Group Enumeration: Unlike Azure Entra ID (AAD) or on-premises Active Directory, GCP does not reliably expose APIs to enumerate all users or groups within an organization or project by default. Enumeration of users and groups is only possible if the executing account has sufficient permissions (such as admin privileges or delegated directory roles). Otherwise, group/user visibility is limited or unavailable. - Environment Scope: The tool has primarily been tested in lab and CTF settings. Results in large-scale or production GCP organizations may be incomplete or contain gaps. - Edge/Description Accuracy: Some edge relationship descriptions are generated heuristically and may be imprecise in certain contexts due to the diversity of real-world GCP configurations.
git clone https://github.com/F41zK4r1m/GCP-Hound.git
cd GCP-Hound
python3 -m venv .venv
source .venv/bin/activate # On Windows: .venv\Scripts\activate
pip install -r requirements.txt
export GCP_CREDS="path/to/key.json"
gcloud auth application-default login
gcloud auth login
To enable custom GCP icons and node types in BloodHound:
python3 register_gcp_nodes.py -s http://localhost:8080 -u admin -p password
This step is required only once per BloodHound instance and enables:
- ✅ Custom GCP icons in the BloodHound UI
- ✅ Enhanced visualization experience
python3 gcp-hound.py
python3 gcp-hound.py -v
python3 gcp-hound.py -p my-gcp-project
python3 gcp-hound.py -d
python3 gcp-hound.py -o /path/to/output
python3 gcp-hound.py -i service@project.iam.gserviceaccount.com
python3 gcp-hound.py -q
./output/gcp-bhopengraph.jsonGCP-Hound performs analysis in 6 comprehensive phases:
After analysis completes:
./output/gcp-bhopengraph.jsonGCP-Hound currently enumerates 23 distinct GCP node types across the Google Cloud ecosystem:
| Category | Node Types | Description |
|---|---|---|
| Identity & Access | GCPUser, GCPGroup, GCPServiceAccount, GCPServiceAccountKey, GCPGoogleManagedSA,CanSignBlob, CanSignJWT |
User identities, groups, and service accounts |
| Organization | GCPProject, GCPFolder, GCPOrganization |
Organizational structure and hierarchy |
| Compute & Containers | GCPInstance, GCPCluster, GCPNode |
Compute Engine VMs and GKE clusters |
| Storage & Data | GCPBucket, GCPDataset, GCPSecret, GCPFunction |
Storage, BigQuery, Secret Manager, Cloud Functions |
| Networking | GCPNetwork, GCPVPC, GCPSubnet, GCPFirewall, GCPRole |
Network infrastructure and roles |
| Additional Services | GCPPubSubTopic, GCPCloudFunction, GCPKMSKey |
Messaging, serverless, and encryption |
| Logging & Monitoring | GCPLogSink, GCPLogBucket, GCPLogMetric |
Logging sinks, log buckets, and log metrics |
Note: While GCPPubSubTopic is registered as a node type, Pub/Sub enumeration is not yet implemented in the current collectors.
| Edge Type | Risk Level | Description |
|---|---|---|
CanCreateKeys |
CRITICAL | Ability to create service account keys (direct privilege escalation) |
CanImpersonate |
HIGH | Service account impersonation capabilities |
CanReadSecrets and CanReadSecretsInProject |
HIGH | shows which account hold privileged access to secrets |
CanListKeys |
MEDIUM | Ability to enumerate existing service account keys |
ContainsServiceAccount |
LOW | Project ownership of service accounts |
OwnsStorageBucket |
MEDIUM | Resource ownership relationships |
HasGoogleOwnedSA |
INFO | Indicates that a GCP project relies on a Google-managed service account for certain internal operations or APIs. |
CanModifyBucketPoliciesInProject |
HIGH | Indicates that an identity (user, SA) has permissions to modify storage bucket policies at the project scope, supporting privilege escalation scenarios. |
BelongsTo |
INFO | Resource-to-project associations |
GCP-Hound focuses on discovering privilege escalation opportunities through:
iam.serviceAccounts.signBlob permission on service account.iam.serviceAccounts.signJwt permission allows an identity to sign a JSON Web Token (JWT) using a target service account's identityShow all critical attack paths:
MATCH (n)-[r]->(m)
WHERE r.riskLevel = "CRITICAL"
RETURN n, r, m
Show complete GCP attack surface:
MATCH (n:GCPResource)-[r]->(m:GCPResource)
RETURN n, r, m LIMIT 100
``` // List all service accounts MATCH (sa:GCPServiceAccount) RETURN sa LIMIT 25
// List all GCP projects
MATCH (p:GCPProject) RETURN p LIMIT 25
// List all GCP resources MATCH (res:GCPResource) RETURN res LIMIT 25
// Show all accounts with secret access MATCH p = ()-[r]->() WHERE type(r) IN ["CanReadSecrets", "CanReadSecretsInProject"] RETURN p LIMIT 50
// Show owner/editor secret access MATCH p = (sa)-[r:CanReadSecretsInProject]->(proj) WHERE r.role IN ["roles/owner", "roles/editor"] RETURN p
// Show service account with secret access MATCH p = (sa:GCPServiceAccount)-[r]->(target) WHERE type(r) IN ["CanReadSecrets", "CanReadSecretsInProject"] RETURN p
// Show users with secret access MATCH p = (user
$ claude mcp add GCP-Hound \
-- python -m otcore.mcp_server <graph>