A tool that generates least privilege IAM policies for AWS services
DumpsterDiver is a tool that can analyze big volumes of data in search of hardcoded secrets like keys (e.g. AWS Access Key, Azure Share Key or SSH keys) or passwords. It allows creating simple search rules with basic conditions (e.g. report only csv files including at least 10 email addresses). The main idea of this tool is to detect any potential secret leaks. Key features include: using Shannon Entropy to find private keys, searching through git logs, unpacking compressed archives (e.g. zip, tar.gz etc.), supporting advanced search using simple rules, searching for hardcoded passwords, and being fully customizable.
A tool that generates least privilege IAM policies for AWS services
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
CloudTracker helps identify over-privileged IAM users and roles by analyzing CloudTrail logs.
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
Certbot is a free tool for automatically enabling HTTPS on websites using Let's Encrypt certificates.
Centralized workforce identity management for AWS applications.