AWS IAM Privilege Escalation Methods

Free

IAM

iam

aws

privilege-escalation

security-vulnerability

attack-vector

Visit WebsiteVisit Website

An attacker with the iam:CreatePolicyVersion permission can create a new version of an IAM policy that they have access to. This allows them to define their own custom permissions. When creating a new policy version, it needs to be set as the default version to take effect, which you would think would require the iam:SetDefaultPolicyVersion permission, but when creating a new policy version, it is possible to include a flag (--set-as-default) that will automatically create it as the new default version. That flag does not require the iam:SetDefaultPolicyVersion permission to use. This privilege escalation method could allow a user to gain full administrator access of the AWS account.

FEATURES

The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.

ALTERNATIVES

Ultimate AppLocker Bypass List

Repository documenting common techniques to bypass AppLocker with verified, unverified, and generic bypasses.

Free

IAM

Teller

Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.

Free

IAM

Ploy

A platform that helps companies automate the management of their SaaS identities and applications, providing visibility, security, and compliance across the organization's SaaS ecosystem.

Commercial

IAM

Bitwarden

Secure and manage passwords across devices with Bitwarden's open-source, encrypted password manager.

Free

IAM

Clutch Security

A platform that discovers, manages and secures non-human identities like service accounts, API keys and secrets across enterprise environments.

Commercial

IAM

AWS IAM Identity Center

Centralized workforce identity management for AWS applications.

Free

IAM

helm-secrets

Helm plugin for decrypting encrypted Helm value files on the fly and integrating with cloud native secret managers.

Free

IAM

OpenIAM

OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.

Free

IAM

PINNED

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Commercial

Resources

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Free

Resources

Kriptos

An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.

Commercial

Data Protection

System Two Security

An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.

Commercial

Security Operations

Aikido Security

Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.

Commercial

Application Security

Permiso

Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.

Commercial

IAM

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial

Cloud Security

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial

AI Security