A collection of Bash scripts to enumerate and audit GCP environments during internal security assessments or penetration tests.

• gcp-accounts-privs-mapper.sh — Enumerates accounts and highlights risky permissions.
• gcp_get_user_roles.sh — Lists IAM roles assigned to a user across projects and organizations.
• buckets_file_ext_counter.sh — Counts and categorizes file extensions within GCS buckets.
• enumerate_instances.sh — Retrieves GCP Compute Engine instance metadata for security review.
• buckets_audit.sh - Enumerate accessible GCS buckets
• gcp-secrets-audit.sh - Enumerates secrets across multiple GCP projects. [New]
• gcp-public-buckets-scan.sh - cans GCP storage buckets across multiple GCP projects and flags buckets that may be publicly accessible based on IAM policy bindings. [New]