Installing GCP pentesting tools
There are a few different third-party tools that we’ll use to conduct security scans in our GCP instance. First, we’ll install them.
Prowler
I mentioned Prowler for AWS in Chapter 5 and for Azure in Chapter 8. You can also use Prowler to find vulnerabilities in GCP. I’ll briefly walk you through this process as Prowler has already been covered quite a bit in this book.
Everything we’ll be doing will be in Cloud Shell. From the GCP console web application, click on the icon that looks like >_ on the right-hand side of the search bar in the top menu bar to open Cloud Shell. The default CLI is a terminal, which is Bash. All of the Linux Bash commands we used in the AWS and Azure chapters will work here.
First, I verified that I had pip installed and which version it was with this command:
pip -V
This was the response I got at the command line:
pip 20.3.4 from /usr/lib/python3/dist-packages/pip (python 3...
