Commit

Update IAM.md
NJonesUK authored Oct 16, 2023
1 parent 1535ae3 commit 568ed00
Showing 1 changed file with 2 additions and 6 deletions.
8 changes: 2 additions & 6 deletions docs/aws/services/IAM.md
Expand Up @@ -522,20 +522,16 @@ The IAM credential report lists all IAM Users and the states of all their creden

## Common Tooling

- <https://github.com/WithSecureLabs/iamspy> - An SMT solver that mimics the AWS IAM policy resolution engine, and will answer questions on who can do what in an AWS account.
- <https://github.com/nccgroup/PMapper> - Graph-based IAM permissions analysis for individual accounts or Organizations.
- <https://github.com/FSecureLABS/awspx> - A graph-based tool for visualizing effective access and resource relationships in an AWS account.
- <https://github.com/duo-labs/parliament> - IAM linting library in python, looks for policy errors and bad practices.
- <https://github.com/salesforce/cloudsplaining> - Identifies data exfiltration, infrastructure modification, resource exposure, and privilege escalation issues with policies in an account.
- <https://github.com/salesforce/policy_sentry> - Least privilege policy generator.
- <https://github.com/duo-labs/cloudmapper> - Security auditing with IAM support included.
- <https://github.com/RhinoSecurityLabs/pacu> - AWS exploitation framework.
- <https://github.com/lyft/cartography> - Cloud infrastructure relationship mapping, with good support for IAM.
- <https://github.com/prisma-cloud/IAMFinder> - External enumeration of IAM users and roles.

### Internal Tooling

- [iamspy](https://git2.f-secure.com/cloud/aws/iamspy) - An SMT solver that mimics the AWS IAM policy resolution engine, and will answer questions on who can do what in an AWS account.
- [iam-hunter](https://git2.f-secure.com/cloud/aws/iam-hunter) - Highlights dangerous roles across an entire AWS organization based on known privilege escalation techniques.
- <https://github.com/WithSecureLabs/awspx> - A graph-based tool for visualizing effective access and resource relationships in an AWS account. Unmaintained, but still sometimes useful.

## External References

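Review bot: the commit message "Update IAM.md" does not explain what happens to the "### Internal Tooling" list, whose iamspy and iam-hunter entries link to git2.f-secure.com, an internal host, in a file that otherwise links only to public GitHub repositories. The rendering here has lost its +/- markers, but 2 additions and 6 deletions are consistent with the two WithSecureLabs links replacing that section and the FSecureLABS/awspx entry. If that is the intent, say so in the message, and note that the internal URLs remain readable in parent 1535ae3, so decide whether the history matters as well. iam-hunter has no public link anywhere in the hunk; either add one or state that the reference is dropped on purpose. The awspx entry with "Unmaintained, but still sometimes useful." sits on its own after IAMFinder, separated from the rest of the list by a blank line; place it inside the "Common Tooling" list so it renders as part of it.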