An open-source, community-driven knowledge base of tactics, techniques, and procedures (TTPs) for attacking and defending Google Cloud Platform (GCP) and Google Workspace environments.
As organizations increasingly rely on Google Cloud, understanding the specific threat landscape becomes critical. What I have found over the years is that GCP is the least covered CSP out there from the big three (AWS, Azure, GCP), but attacks, abuses and misconfigurations exist. So instead of treating it like the forgotten little brother, I think it is important to understand its specific threat landscape. This project aims to be the most comprehensive and up-to-date public resource for security professionals, mapping adversary behaviors to the MITRE ATT&CKยฎ framework.
This matrix is designed for:
- Red Teamers & Pentesters to discover and simulate attack paths.
- Blue Teamers & Defenders to build detection and response strategies.
- Cloud Architects to design more secure infrastructure from the ground up.
The full, detailed matrix is located in a separate file to keep this README clean and focused.
โก๏ธ View the Full ATT&CK Matrix
This is a community-driven project, and we welcome contributions of all kinds! Whether you've discovered a new technique, have a better way of explaining an existing one, or want to fix a typo, your input is valuable.
Our contribution process is simple and managed through GitHub:
- Fork the repository.
- Create a new Branch for your changes.
- Add your technique or procedure to the
MATRIX.mdfile. - Submit a Pull Request with a clear description of your changes.
For more detailed instructions, please see our **Contributing Guide**.
This project is distributed under the MIT License. See the LICENSE file for more information.
This project would not be possible without the incredible work of the security researchers, bloggers, and professionals who share their knowledge publicly. A huge thank you to everyone who has contributed, directly or indirectly.
Clรฉment Cruchet - (aka. Lutzenfried)
๐ดโโ ๏ธ HackTheWorld