BSides 2020 - Chris Moberly's 'Google Cloud Post-Exploitation Tactics & Techniques' →
Based on the in-depth blog post. A quick overview of some GCP security fundamentals, and then an interactive walkthrough of a post-exploitation scenario.
The demonstration shows examples for escalating privileges, moving laterally, and breaking out of GCP into GSuite.
Originally meant to be a talk for BSides Melbourne 2020, which was cancelled due to the global pandemic. - Chris Moberly's outstanding blog post