Add GCP exploitation tactics from gitlab redteam

This commit is contained in:
Victor Ramos Mello 2020-02-16 00:34:02 +01:00 committed by GitHub
parent 996792f74b
commit fc3a493a21
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -21,7 +21,9 @@ A curated list of awesome privilege escalation
* [Linux and Windows](#linux-and-windows) * [Linux and Windows](#linux-and-windows)
* [Docker](#docker) * [Docker](#docker)
* [Docker escape](#docker-escape) * [Docker escape](#docker-escape)
* [Cloud](#cloud)
* [AWS](#aws) * [AWS](#aws)
* [GCP](#gcp)
## Linux ## Linux
- [A guide to Linux Privilege Escalation](https://payatu.com/guide-linux-privilege-escalation/) - [A guide to Linux Privilege Escalation](https://payatu.com/guide-linux-privilege-escalation/)
@ -195,5 +197,9 @@ is intended to be executed locally on a Linux box to enumerate basic system info
- [Escaping Containers to Execute Commands on Play with Docker Servers](https://www.bleepingcomputer.com/news/security/escaping-containers-to-execute-commands-on-play-with-docker-servers/) - [Escaping Containers to Execute Commands on Play with Docker Servers](https://www.bleepingcomputer.com/news/security/escaping-containers-to-execute-commands-on-play-with-docker-servers/)
- [Hack Allows Escape of Play-with-Docker Containers](https://threatpost.com/hack-allows-escape-of-play-with-docker-containers/140831/) - [Hack Allows Escape of Play-with-Docker Containers](https://threatpost.com/hack-allows-escape-of-play-with-docker-containers/140831/)
## AWS ## Cloud
### AWS
- [AWS-IAM-Privilege-Escalation](https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation): A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs. - [AWS-IAM-Privilege-Escalation](https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation): A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
### GCP
- [Tutorial on privilege escalation and post exploitation tactics in Google Cloud Platform environments](https://about.gitlab.com/blog/2020/02/12/plundering-gcp-escalating-privileges-in-google-cloud-platform/): Very deep-dive into manual post-exploitation tactics and techniques for GCP.