An attacker with the iam:CreatePolicyVersion permission can create a new version of an IAM policy that they have access to. This allows them to define their own custom permissions. When creating a new policy version, it needs to be set as the default version to take effect, which you would think would require the iam:SetDefaultPolicyVersion permission, but when creating a new policy version, it is possible to include a flag (--set-as-default) that will automatically create it as the new default version. That flag does not require the iam:SetDefaultPolicyVersion permission to use. This privilege escalation method could allow a user to gain full administrator access of the AWS account.
FEATURES
SIMILAR TOOLS
Repository documenting common techniques to bypass AppLocker with verified, unverified, and generic bypasses.
Encrypt Kubernetes Secrets into SealedSecrets for safe storage and controlled decryption within the cluster.
Helm plugin for decrypting encrypted Helm value files on the fly and integrating with cloud native secret managers.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
Tool for visualizing and analyzing control paths in Active Directory to determine access privileges and permissions.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.