Exploiting GCP applications
Now that we’ve installed a few third-party scanning tools, it’s time to use them.
Prowler
Let’s go through the basics of scanning GCP with Prowler first.
By default, Prowler will use the credentials of whichever account you used to log in to GCP for your VM. If you need to change your account, first verify your accounts and their credentials in IAM in the GCP web console. You can then change accounts in GCP with this command:
gcloud config set account <account>
Now, we can run a default Prowler scan in GCP with this command. Make sure you’re in the Prowler directory first, then run a scan:
cd prowler
prowler gcp
If you used GitHub to install Prowler, use prowler.py instead of prowler in your commands.
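An added example, not from the book or the Prowler project: a small shell guard that checks the active gcloud account before launching the scan, and picks prowler or prowler.py depending on how Prowler was installed. The function names, the exit codes and the python3 interpreter name are assumptions.

```shell
#!/bin/sh
# Added example (not from the book): pre-flight guard for a Prowler GCP scan.
# Function names and exit codes are illustrative assumptions.

# Print the account gcloud is currently configured to use (empty if unset).
active_account() {
    gcloud config get-value account 2>/dev/null
}

# Print the command that starts Prowler: the installed "prowler" entry point,
# or prowler.py in the current directory for a GitHub checkout.
prowler_cmd() {
    if command -v prowler >/dev/null 2>&1; then
        echo "prowler"
    elif [ -f ./prowler.py ]; then
        echo "python3 ./prowler.py"   # interpreter name is an assumption
    else
        return 1
    fi
}

# Run "prowler gcp" only if the active account is the one we intend to scan as.
# Returns 2 on an account mismatch and 3 if Prowler cannot be found.
run_scan() {
    expected=$1
    actual=$(active_account)
    if [ "$actual" != "$expected" ]; then
        echo "refusing to scan: active account is '${actual:-unset}', expected '$expected'" >&2
        echo "fix with: gcloud config set account $expected" >&2
        return 2
    fi
    cmd=$(prowler_cmd) || {
        echo "prowler not found; cd into the Prowler directory first" >&2
        return 3
    }
    $cmd gcp
}

# Usage (constructed account name): run_scan auditor@example.com
```

Source the file from the Prowler directory and call run_scan with the account you intend to scan as; a non-zero return means no scan was started.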
I recommend executing the help file first so that you can see all of the commands and options you can use in Prowler. As in previous chapters, you can get Prowler to list services and checks, and run specific...