Normalize Vertex AI docs to enum/privesc/post-exploitation structure

carlospolop · carlospolop · commit 6b2c22a0f35e · 2026-04-07T14:24:55.000+02:00
diff --git a/src/SUMMARY.md b/src/SUMMARY.md
@@ -104,6 +104,7 @@
     - [GCP - Pub/Sub Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.md)
     - [GCP - Secretmanager Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-secretmanager-post-exploitation.md)
     - [GCP - Security Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.md)
+    - [GCP - Vertex AI Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md)
     - [GCP - Workflows Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-workflows-post-exploitation.md)
     - [GCP - Storage Post Exploitation](pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-storage-post-exploitation.md)
   - [GCP - Privilege Escalation](pentesting-cloud/gcp-security/gcp-privilege-escalation/README.md)
@@ -197,7 +198,6 @@
     - [GCP - Spanner Enum](pentesting-cloud/gcp-security/gcp-services/gcp-spanner-enum.md)
     - [GCP - Stackdriver Enum](pentesting-cloud/gcp-security/gcp-services/gcp-stackdriver-enum.md)
     - [GCP - Storage Enum](pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.md)
-    - [GCP - Vertex AI Agent Engine Abuse](pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-agent-engine-abuse.md)
     - [GCP - Vertex AI Enum](pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md)
     - [GCP - Workflows Enum](pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.md)
   - [GCP <--> Workspace Pivoting](pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/README.md)
diff --git a/src/pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md b/src/pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
@@ -1,4 +1,4 @@
-# GCP - Vertex AI Agent Engine Abuse
+# GCP - Vertex AI Post Exploitation
 
 {{#include ../../../banners/hacktricks-training.md}}
 
@@ -9,7 +9,7 @@ This page focuses on **Vertex AI Agent Engine / Reasoning Engine** workloads tha
 For the general Vertex AI overview check:
 
 {{#ref}}
-gcp-vertex-ai-enum.md
+../gcp-services/gcp-vertex-ai-enum.md
 {{#endref}}
 
 For classic Vertex AI privesc paths using custom jobs, models, and endpoints check:
@@ -182,7 +182,7 @@ This is valuable even if write access is blocked because it exposes:
 For more Artifact Registry background check:
 
 {{#ref}}
-gcp-artifact-registry-enum.md
+../gcp-services/gcp-artifact-registry-enum.md
 {{#endref}}
 
 ## Tenant-project pivot: deployment artifact retrieval
diff --git a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.md b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.md
@@ -42,7 +42,7 @@ An attacker with the mentioned permissions will be able to **request an access t
 For a **resource-driven** variant where attacker-controlled code steals a **managed Vertex AI Agent Engine runtime token** from the metadata service and reuses it as the Vertex AI service agent, check:
 
 {{#ref}}
-../gcp-services/gcp-vertex-ai-agent-engine-abuse.md
+../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
 {{#endref}}
 
 ```bash
@@ -164,4 +164,3 @@ You can find an example on how to create and OpenID token behalf a service accou
 
 {{#include ../../../banners/hacktricks-training.md}}
 
-
diff --git a/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-vertex-ai-privesc.md b/src/pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-vertex-ai-privesc.md
@@ -10,10 +10,10 @@ For more information about Vertex AI check:
 ../gcp-services/gcp-vertex-ai-enum.md
 {{#endref}}
 
-For **Agent Engine / Reasoning Engine** abuse using the runtime metadata service, the default Vertex AI service agent, and cross-project pivoting into consumer / producer / tenant resources, check:
+For **Agent Engine / Reasoning Engine** post-exploitation paths using the runtime metadata service, the default Vertex AI service agent, and cross-project pivoting into consumer / producer / tenant resources, check:
 
 {{#ref}}
-../gcp-services/gcp-vertex-ai-agent-engine-abuse.md
+../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
 {{#endref}}
 
 ### `aiplatform.customJobs.create`, `iam.serviceAccounts.actAs`
diff --git a/src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md b/src/pentesting-cloud/gcp-security/gcp-services/gcp-vertex-ai-enum.md
@@ -14,10 +14,10 @@
 
 ### Agent Engine / Reasoning Engine
 
-For **Agent Engine / Reasoning Engine** specific enumeration and abuse paths involving **metadata credential theft**, **P4SA abuse**, and **producer/tenant project pivoting**, check:
+For **Agent Engine / Reasoning Engine** specific enumeration and post-exploitation paths involving **metadata credential theft**, **P4SA abuse**, and **producer/tenant project pivoting**, check:
 
 {{#ref}}
-gcp-vertex-ai-agent-engine-abuse.md
+../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
 {{#endref}}
 
 ### Key Components
@@ -271,6 +271,12 @@ In the following page, you can check how to **abuse Vertex AI permissions to esc
 ../gcp-privilege-escalation/gcp-vertex-ai-privesc.md
 {{#endref}}
 
+### Post Exploitation
+
+{{#ref}}
+../gcp-post-exploitation/gcp-vertex-ai-post-exploitation.md
+{{#endref}}
+
 ## References
 
 - [https://cloud.google.com/vertex-ai/docs](https://cloud.google.com/vertex-ai/docs)
