Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding Support to GCP #37

Merged
merged 10 commits into from
Dec 24, 2024
Merged

Adding Support to GCP #37

merged 10 commits into from
Dec 24, 2024

Conversation

jesayafn
Copy link
Contributor

@jesayafn jesayafn commented Nov 20, 2024

Adding Support to GCP

Related issue: #30

Feature enhancement:

  • New Attack Surface
  • New GCP Attack Technique: GCPEstablishAccessAsServiceAccount
  • Capability to save established GCP credential
  • Capability to delete current/selected GCP credential

jesayafn and others added 8 commits November 14, 2024 18:19
- Patching the front-end for GCP (WIP)
- Add Attack Technique: GCP - Establishes Access as Service Account (WIP
Merge main with dev/gcp
- Create GCP Access Manager  class
- Improve technique for GCP establish access for SA
…ame and description

- Fix bug on source of history for GCP attack surface
- Seperate method for refresh the token of credential
- Improve the attack technique name and description for "GCPEstablishAccessAsServiceAccount" technique
…or GCPEstablishAccessAsServiceAccount technique

- Add capability for GCP Access Manager to save credential to a JSON file in form base64 for sensitive info
- Add option to save credential and change info output for success attack from 'email' to 'email/client_id' of GCPEstablishAccessAsServiceAccount
- Improve several method on GCPAccess class to handle credential
- Add ability to choose credential (WIP)
@jesayafn
Copy link
Contributor Author

Hi @openrec0n, can you add "WIP" label on this PR?

@openrec0n openrec0n added enhancement New feature or request new technique A new technique is added to Halberd wip A work in progress. Help or additional review needed labels Nov 20, 2024
@openrec0n openrec0n self-requested a review November 20, 2024 16:13
- Updated the GCP credentials icon to replace AWS icon with a GCP-specific icon, improving scope and project ID representation.
- Added functionality to delete the current/selected GCP credential via a new callback.
- Fixed the delete_current_credentials method in GCPAccess to ensure only the current/selected credential is deleted and saved, while preserving undeleted credentials.
@jesayafn
Copy link
Contributor Author

Hi @openrec0n, you can review the PR

@openrec0n openrec0n self-assigned this Nov 27, 2024
@openrec0n openrec0n linked an issue Nov 27, 2024 that may be closed by this pull request
@openrec0n
Copy link
Collaborator

@jesayafn thanks for the PR. I am reviewing this

Copy link
Collaborator

@openrec0n openrec0n left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jesayafn Please check the comments and implement the suggested changes.

Halberd.py Show resolved Hide resolved
Halberd.py Outdated Show resolved Hide resolved
Halberd.py Outdated Show resolved Hide resolved
attack_techniques/gcp/gcp_establish_access_as_sa.py Outdated Show resolved Hide resolved
attack_techniques/gcp/gcp_establish_access_as_sa.py Outdated Show resolved Hide resolved
attack_techniques/gcp/gcp_establish_access_as_sa.py Outdated Show resolved Hide resolved
attack_techniques/gcp/gcp_establish_access_as_sa.py Outdated Show resolved Hide resolved
core/gcp/gcp_access.py Outdated Show resolved Hide resolved
core/gcp/gcp_access.py Outdated Show resolved Hide resolved
core/gcp/gcp_access.py Outdated Show resolved Hide resolved
… clean up code

- Correct typo in callback C062 description.
- Improve execution output for the GCPEstablishAccessAsServiceAccount technique.
- Remove unnecessary code, lines, and comments.
- Fix a typo in a comment.
@openrec0n openrec0n merged commit e923655 into vectra-ai-research:main Dec 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request new technique A new technique is added to Halberd wip A work in progress. Help or additional review needed
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Adding support to GCP
2 participants