astronaut
Logbook
Web Security • Research • CTF
Jun 03, 2026

GCP Beginner Path

Phase 6 notes: Google Cloud Storage exposure, hidden file discovery, SSRF, Gopher bypasses, metadata service access, and GCP initial access.

research

Phase 6 — GCP Beginner Path

Phase Summary

Completed 2 Red Team labs focused on Google Cloud Storage exposure and SSRF-based GCP initial access.

Do these after AWS and Azure basics.

Learning Objectives

  • Understand Google Cloud Storage exposure and object discovery limits.
  • Practice finding hidden files when bucket listing is restricted.
  • Exploit SSRF paths that target cloud metadata services.
  • Learn how Gopher can bypass some SSRF protections.
  • Compare GCP initial-access patterns against AWS and Azure cloud workflows.

Lab Path

Order | Lab | Type | Summary
28 | Reveal Hidden Files in Google Storage | 🔴 Red | Misconfigured Google Cloud Storage and hidden file exposure.
29 | Exploit SSRF with Gopher for GCP Initial Access | 🔴 Red | SSRF + Gopher protocol → GCP metadata access.

Key Knowledge After Phase 6

  1. Google Cloud Storage exposure is not always obvious, because object access can still leak data even when bucket listing is denied.
  2. Hidden file discovery matters in cloud storage testing, especially for backups, archives, source bundles, and configuration files.
  3. SSRF can become cloud initial access when an application can reach a metadata service from a trusted network position.
  4. Gopher support can weaken SSRF defenses by allowing crafted protocol-level requests through unexpected URL handlers.
  5. GCP metadata access requires platform-specific knowledge, including metadata endpoints, headers, tokens, and resource enumeration.
  6. Cross-cloud comparison improves judgment, because AWS, Azure, and GCP share patterns but differ in identity, metadata, and storage behavior.
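
The defensive side of points 3 to 5, as an added example that is not part of the original notes or the labs: a check run before a server fetches a user-supplied URL, which refuses non-HTTP schemes such as gopher and any host that resolves to a non-public address, including the metadata service. The names check_fetch_url, system_resolver and sample_resolver are hypothetical, and the SAMPLE_DNS entries are constructed.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # gopher://, file:// and the rest are refused
METADATA_NAMES = {"metadata.google.internal", "metadata"}  # GCP metadata server names

# Constructed DNS answers so the example runs offline (not real records).
SAMPLE_DNS = {
    "files.example.test": {"8.8.8.8"},
    "internal.example.test": {"169.254.169.254"},  # name pointing at the metadata IP
}

def system_resolver(host):
    """Every address the host name currently resolves to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}

def sample_resolver(host):
    """Hypothetical offline resolver backed by SAMPLE_DNS."""
    if host in SAMPLE_DNS:
        return SAMPLE_DNS[host]
    try:
        return {str(ipaddress.ip_address(host))}  # IP literal, no lookup needed
    except ValueError:
        raise OSError("no such host")

def check_fetch_url(url, resolver=system_resolver):
    """Return (allowed, reason) for a user-supplied URL the server would fetch."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return False, "malformed URL"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed: " + (parts.scheme or "<none>")
    if not host:
        return False, "no host"
    if host in METADATA_NAMES:
        return False, "metadata host name"
    try:
        addrs = resolver(host)
    except OSError:
        return False, "host does not resolve"
    for addr in addrs:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
        ip = getattr(ip, "ipv4_mapped", None) or ip  # unwrap ::ffff:a.b.c.d
        if not ip.is_global:  # link-local 169.254.0.0/16, RFC 1918, loopback
            return False, f"non-public address: {ip}"
    return True, "ok"
```

The check only holds if the HTTP client then connects to the address that was validated and the check is re-run on every redirect.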