Simple Multi-Target Reconnaissance (GCP)

Simple Multi-Target Reconnaissance leverages Google Cloud Platform infrastructure to perform efficient, scalable network reconnaissance across multiple targets simultaneously. This approach significantly reduces the time required for large-scale network analysis while maintaining high efficiency and scalability.

GCP architecture diagram showing the flow from Heph4estus through Cloud Workflows, Pub/Sub, GKE, and monitoring services

Architecture diagram showing GCP services integration for Simple Multi-Target reconnaissance

GCP Workflow Overview

1. Scan Initiation

User runs Heph4estus which triggers a producer application that uses the GCP SDK
The input file with targets is processed the same way

2. Producer Processing

The producer application packages target data and triggers a Cloud Workflow

3. Workflow Orchestration

Cloud Workflows executes the scanning workflow
Parallel execution is managed through the workflow definition

4. Message Publishing

For each target, a message is published to a Cloud Pub/Sub topic
Messages contain target and scan option information

5. Container Execution

Messages trigger GKE pods
Each container runs with the scanner image from Artifact Registry
VPC Service Controls can be used to restrict network access

6. Consumer Processing

Each container subscribes to Pub/Sub messages
The container runs Nmap with the specified parameters

7. Result Storage

Scan results are uploaded to Cloud Storage buckets
Object lifecycle policies can manage retention

8. Task Completion

Pub/Sub acknowledgments confirm message processing
Cloud Run instances scale down when idle

9. Error Handling

Error Reporting captures application errors
Logging and monitoring systems track failed operations