AWS IAM Privilege Escalation Methods Logo

AWS IAM Privilege Escalation Methods

0
Free
IAM
iam
aws
privilege-escalation
security-vulnerability
attack-vector
Visit Website

An attacker with the iam:CreatePolicyVersion permission can create a new version of an IAM policy that they have access to. This allows them to define their own custom permissions. When creating a new policy version, it needs to be set as the default version to take effect, which you would think would require the iam:SetDefaultPolicyVersion permission, but when creating a new policy version, it is possible to include a flag (--set-as-default) that will automatically create it as the new default version. That flag does not require the iam:SetDefaultPolicyVersion permission to use. This privilege escalation method could allow a user to gain full administrator access of the AWS account.

FEATURES

ALTERNATIVES

Securden Unified PAM Logo
Securden Unified PAM

A powerful tool that enables organizations to discover, manage, and secure privileged access, helping to reduce the risks associated with privileged accounts and activities.

Commercial
IAM
OpenIAM Logo
OpenIAM

OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.

Free
IAM
KeeFarce Logo
KeeFarce

KeeFarce allows for the extraction of KeePass 2.x password database information from memory using DLL injection and CLRMD.

Free
IAM
Password Storage - OWASP Cheat Sheet Series Logo
Password Storage - OWASP Cheat Sheet Series

Guidelines and best practices for securely storing passwords.

Free
IAM
Bitwarden Logo
Bitwarden

Secure and manage passwords across devices with Bitwarden's open-source, encrypted password manager.

Free
IAM
Akamai MFA Logo
Akamai MFA

Akamai MFA is a cloud-based multi-factor authentication solution using FIDO2 standard to secure workforce logins across various applications through smartphone push notifications.

Commercial
IAM
BeyondTrust Privileged Access Management (PAM) Logo
BeyondTrust Privileged Access Management (PAM)

BeyondTrust Privileged Access Management (PAM) provides comprehensive security controls for privileged accounts and users.

Free
IAM
CredStash Logo
CredStash

CredStash is a tool for managing and securely storing credentials.

Free
IAM

PINNED

Fabric Platform by BlackStork Logo

Fabric Platform by BlackStork

Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.

Free
Security Operations
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.

Free
Blogs and News
Wiz Logo

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial
Cloud Security
Adversa AI Logo

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial
AI Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved

LINKS
Blog
LEGAL
Terms of servicesPrivacy policy