IAM

AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.

Protects against account abuse across lifecycle using ML and risk indicators

FIDO2-based MFA solution using smartphone push notifications for authentication

Password manager for storing and sharing passwords, secrets, and credentials

AI-powered identity governance platform for automated access management

Unified PAM platform for privileged account, session, endpoint & vendor access mgmt

A Docker-based utility that monitors TLS certificate expiration dates and exposes the data as Prometheus metrics with support for Kubernetes ingress discovery and configurable domain filtering.

A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.

Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.

A Lambda function that automatically disables AWS IAM User Access Keys after a specified time period to reduce security risks from aging credentials.

Aaia visualizes AWS IAM and Organizations data in Neo4j graph format to help identify security outliers and conduct privilege escalation analysis through Cypher queries.

Certbot is a free tool for automatically enabling HTTPS on websites using Let's Encrypt certificates.

IAM Zero detects identity and access management issues and automatically suggests least-privilege policies by analyzing application errors and access patterns in cloud environments.

IAMSpy is a library that uses the Z3 prover to analyze AWS IAM policies and query whether specific actions are allowed or denied.

GPG Sync is a tool designed to keep OpenPGP public keys up-to-date within an organization by offloading the complexity of key management to a single trusted person.

This tutorial describes how to set up two-factor authentication for an SSH server by integrating Google Authenticator with OpenSSH.

Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.

A Certificate Transparency log monitor that alerts users when SSL/TLS certificates are issued for their domains, helping detect unauthorized certificate issuance and potential security threats.

Centralized workforce identity management for AWS applications.

A PHP OAuth 2.0 authorization server implementation with support for various grants and RFCs.

A command-line password manager that encrypts credentials using GnuPG and stores them in YAML files with git synchronization support.

Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.

Provision, manage, and renew SSL/TLS certificates for your AWS resources with AWS Certificate Manager.

Secure and manage passwords across devices with Bitwarden's open-source, encrypted password manager.