GCP - Cloud Functions Unauthenticated Enum
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Cloud Functions
More information about Cloud Functions can be found in:
GCP - Cloud Functions EnumBrute Force URls
Brute Force the URL format:
https://<region>-<project-gcp-name>.cloudfunctions.net/<func_name>
It's easier if you know project names.
Check this page for some tools to perform this brute force:
GCP - Unauthenticated Enum & AccessEnumerate Open Cloud Functions
With the following code taken from here you can find Cloud Functions that permit unauthenticated invocations.
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Last updated