The following outlines a list of software that have been developed in cloud security auditing for optimizing security in Google Cloud platforms. A list of solutions is presented with their respective github descriptions.

1. GCPBucketBrute

A script to enumerate Google Storage buckets, determine what access are enabled, and determine if they can be privilege escalated.

Detailed information and setup information: https://github.com/RhinoSecurityLabs/GCPBucketBrute

2. GCP IAM Collector

Python scripts for collecting and visualizing Google Cloud Platform IAM permissions

Detailed information and setup information: https://github.com/marcin-kolda/gcp-iam-collector

2. GCP IAM Collector

Hayat is an auditing & hardening script for Google Cloud Platform services such as:

• Identity & Access Management
• Logging and monitoring
• Networking
• Virtual Machines
• Storage
• Cloud SQL Instances
• Kubernetes Clusters

Detailed information and setup information: https://github.com/DenizParlak/hayat

4. PurplePanda

This tool fetches resources from different cloud/saas applications focusing on permissions in order to identify privilege escalation paths and dangerous permissions in the cloud/saas configurations.

Detailed information and setup information: https://github.com/carlospolop/PurplePanda

5. GCP Firewall Enum

This tool analyzes the output of several gcloud commands to determine which compute instances have network ports exposed to the public Internet.

Detailed information and setup information: https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/gcp_firewall_enum