Iam

Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.

Dufflebag searches through public AWS EBS snapshots to identify accidentally exposed secrets and sensitive information.

Repokid automatically removes unused service permissions from AWS IAM role inline policies using Access Advisor data to implement least privilege access.

cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

A collection of AWS-native scripts and automation tools for DevSecOps, incident response, and security remediation in cloud environments.

CFRipper is a security analyzer for AWS CloudFormation templates that identifies vulnerabilities and misconfigurations before cloud deployment.

Centralized workforce identity management for AWS applications.

A Terraform module that establishes security baseline configurations for AWS accounts based on CIS benchmarks and AWS security best practices.

A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.

Cloud Inquisitor is an AWS security tool that monitors resource ownership, detects domain hijacking, verifies security services, and manages IAM policies across multiple accounts.

CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.

kube2iam provides IAM credentials to Kubernetes containers by intercepting EC2 metadata API calls and retrieving temporary AWS credentials based on pod annotations.

Documentation of an AWS IAM privilege escalation technique that exploits the iam:CreatePolicyVersion permission to gain elevated access through policy manipulation.

SkyArk is a cloud security scanning tool that identifies privileged entities in AWS and Azure environments to help mitigate Cloud Shadow Admin threats.

A NodeJS/TypeScript library that generates IAM Policy Actions Statements for AWS services with predefined constants and factory classes for AWS CDK integration.

SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.

Kiam is a Kubernetes agent that allows Pods to assume AWS IAM roles, though it is being deprecated in favor of AWS' official IAM roles for Service Accounts solution.

OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.

ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.

Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.

A CLI tool for generating AWS IAM policy documents, SAM policy templates, and SAM Connectors using JSON definitions from the AWS Policy Generator.

An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.

IAM Floyd is a code generation tool that provides a fluent interface for creating AWS IAM policy statements with comprehensive service coverage and CDK integration support.