IAM
Tools for managing identities, access controls, and secure credential storage.Explore 60 curated tools and resources
RELATED TASKS
PINNED
Promoted • 6 toolsWant your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A powerful tool that enables organizations to discover, manage, and secure privileged access, helping to reduce the risks associated with privileged accounts and activities.
A powerful tool that enables organizations to discover, manage, and secure privileged access, helping to reduce the risks associated with privileged accounts and activities.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.
Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.
A Lambda function that automatically disables AWS IAM User Access Keys after a specified time period to reduce security risks from aging credentials.
IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.
IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.
IAMSpy is a library that uses the Z3 prover to analyze AWS IAM policies and query whether specific actions are allowed or denied.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.
A list of Windows privilege escalation techniques, categorized and explained in detail.
A list of Windows privilege escalation techniques, categorized and explained in detail.
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
Centralized workforce identity management for AWS applications.
A PHP OAuth 2.0 authorization server implementation with support for various grants and RFCs.
A PHP OAuth 2.0 authorization server implementation with support for various grants and RFCs.
This article discusses protected accounts and groups in Active Directory, providing examples and screenshots to illustrate key concepts.
This article discusses protected accounts and groups in Active Directory, providing examples and screenshots to illustrate key concepts.
Encrypt Kubernetes Secrets into SealedSecrets for safe storage and controlled decryption within the cluster.
Encrypt Kubernetes Secrets into SealedSecrets for safe storage and controlled decryption within the cluster.
Secure and manage passwords across devices with Bitwarden's open-source, encrypted password manager.
Secure and manage passwords across devices with Bitwarden's open-source, encrypted password manager.
A library for forward compatibility with PHP password functions.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
kube2iam provides IAM credentials to Kubernetes containers by intercepting EC2 metadata API calls and retrieving temporary AWS credentials based on pod annotations.
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
An automated script that configures Active Directory domains using customizable XML configuration files.
An automated script that configures Active Directory domains using customizable XML configuration files.
Find leaked credentials by scanning repositories for high entropy strings.
Abusing DNSAdmins privilege for escalation in Active Directory
Abusing DNSAdmins privilege for escalation in Active Directory