kube2iam
Redirects EC2 metadata API traffic to a container that retrieves temporary AWS credentials and proxies other calls to the EC2 metadata API.
Active Directory (AD) Trusts have been a hot topic as of late. In this blog entry, we are going to focus on theoretical examples based on two separate forest domains – A and B. Domain A and Domain B are autonomous and are not members of the same AD forest. However, the trust relationship will change in context of the examples to understand the principle of trust direction. Some Background Info In essence, AD Trusts establish the authentication mechanism between domains and/or forests. AD Trusts allow for resources (e.g. security principals such as users) in one domain to honor the authentication to access resources in another domain. Of note, it is important to understand that simply establishing a trust relationship between two domains does not allow for resources from a theoretical Domain A to access resources in a theoretical Domain B. Resources in Domain A must be authorized (e.g. given permission) to access resources in a theoretical Domain B.
Redirects EC2 metadata API traffic to a container that retrieves temporary AWS credentials and proxies other calls to the EC2 metadata API.
Securely store and access AWS credentials in a development environment.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
Helm plugin for decrypting encrypted Helm value files on the fly and integrating with cloud native secret managers.
A library utilizing Z3 prover to analyze AWS IAM policies.
A tool for visualizing AWS IAM and Organizations in a graph format with Neo4j, supporting anomaly detection and custom data processing.