GCP Service Account Key Finder

GCP Service Account Key Finder

Discovery and validation of Google Cloud Platform service account keys:

• Key enumeration — Scans GCP projects for service accounts and their associated keys, identifying those with excessive permissions.
• Permission analysis — Maps each service account to its IAM roles and highlights overprivileged accounts with owner/editor roles.
• Key age audit — Identifies keys that have not been rotated according to security policy, with configurable age thresholds.
• Leaked key detection — Searches public repositories, CI/CD logs, and common file paths for exposed service account JSON keys.
• Exploitation module — Once a valid key is found, authenticates and enumerates accessible resources: storage buckets, compute instances, BigQuery datasets, and Kubernetes clusters.