Repokid uses Access Advisor provided by Aardvark to remove permissions granting access to unused services from the inline policies of IAM roles in an AWS account. Getting Started: - Install mkvirtualenv repokid - git clone git@github.com:Netflix/repokid.git - cd repokid - pip install -e . - repokid config config.json DynamoDB: - You will need a DynamoDB table called repokid_roles (specify account and endpoint in dynamo_db in config file). - The table should have RoleId (string) as a primary partition key, no primary sort key. - A global secondary index named Account with a primary partition key of Account and RoleId and Account as projected attributes. - A global secondary index named RoleName with a primary partition key of RoleName and RoleId and RoleName as projected attributes. - For development, you can run dynamo locally. To run locally: docker-compose up. The endpoint for DynamoDB will be http://localhost:8000. A DynamoDB admin panel can be found at http://localhost:8001. If you run the development version the table and index will be created for you automatically. IAM Permissions: - Repokid needs an IAM Role in each account that will be queried.
FEATURES
SIMILAR TOOLS
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
A fully automated AD build script that configures a domain fully with adjustable XML files.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
A list of disposable email domains to detect or block disposable accounts
Repository documenting common techniques to bypass AppLocker with verified, unverified, and generic bypasses.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.