Our great sponsors
PMapper | graphviz | |
---|---|---|
7 | 11 | |
1,323 | - | |
1.1% | - | |
0.0 | - | |
6 months ago | - | |
Python | ||
GNU Affero General Public License v3.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PMapper
-
How to conduct security assesment of AWS?
In addition to ScoutSuite, I recommend PMapper. https://github.com/nccgroup/PMapper
-
Anyone tried to create a halfway decent least privilege policy for a CDK deployment?
There are tons of other escape hatches, so it's a pretty big moving target. If you'd like to get a hint about your setup, I'd suggest trying: https://github.com/nccgroup/PMapper
- Do you know a way to visulize access flow between users and resources?
-
Graphviz: Open-source graph visualization software
I maintain an open-source project [1] that uses graphs to model data. I wanted to make my project as accessible as possible, so Graphviz was perfect since it's dead-simple to install and use on all major OS platforms.
[1] https://github.com/nccgroup/PMapper
- Principal Mapper v1.1.0 - AWS IAM Security Analysis
-
Show HN: Principal Mapper v1.1.0 – AWS IAM Security Analysis
Hi HN!
Principal Mapper is a tool + library for analyzing and securing your AWS IAM configuration. It generates a model of your account and/or organization and uses it to give you a better idea of the effective permissions of your IAM Users and Roles. It has privilege escalation detection built-in and is hopefully written in a way that will let you extend it for your use-cases.
This v1.1.0 update covers more types of policies (resource policies, permission boundaries, session policies, SCPs), supports AWS Organizations, enables cross-account checks, and more!
https://github.com/nccgroup/PMapper
Happy to answer any questions you have here!
graphviz
-
Dot_ix: Interactive GraphViz Dot Graphs
If you love GraphViz and would like to support it, please do.
> Graphviz is maintained by a few very talented volunteers, and with some help from its founders. Financial donations are accepted on patreon. Anyone who is able to fund a summer intern project (or other project) based on graphviz is invited to contact any of the project leaders, e.g. send a message to north on graphviz org).
> This project has only 3 of its founders remaining as volunteer maintainers, and support is limited and may end soon. If you can help fund to a more formal foundation to continue this project, please contact north on graphviz org.
https://gitlab.com/graphviz/graphviz#support
- goroutines and goccy/go-graphviz package
- Graphviz 7
- Graphviz v7
-
A CSS-Inspired Syntax for Flowcharts
That's interesting. It's not hard to see the problem. HTML labels don't help, either. How do other languages solve this? Like, a shell HERE document that has one fixed string as a terminator? The graphviz lexer https://gitlab.com/graphviz/graphviz/-/blob/main/lib/cgraph/... seems hackable but disabling downstream processing of escapes elsewhere would be necessary too. Possibly this would mean bypassing some of the processing in the function make_label in https://gitlab.com/graphviz/graphviz/-/blob/main/lib/common/...
It's a disappointment or even failure of our current language scanning and parsing tools or, really, the way we used them, that this is not an easy exercise.
- graphviz: Graph Visualization Tools
-
Graphviz: Open-source graph visualization software
If you have bug fix or enhancement requests, try https://gitlab.com/graphviz/graphviz/-/issues?scope=all&stat...
-
Favorite Resources of 2021
Diagrams as Code based on graphviz; for prototyping cloud system architectures
What are some alternatives?
awesome-aws - A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.
mermaid - Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown
data-science-ipython-notebooks - Data science Python notebooks: Deep learning (TensorFlow, Theano, Caffe, Keras), scikit-learn, Kaggle, big data (Spark, Hadoop MapReduce, HDFS), matplotlib, pandas, NumPy, SciPy, Python essentials, AWS, and various command lines.
plantuml - Generate diagrams from textual description
policy_sentry - IAM Least Privilege Policy Generator
hpcc-js-wasm - HPCC-Systems Web-Assembly (JavaScript)
aws-leastprivilege - Generates an IAM policy for the CloudFormation service role that adheres to least privilege.
sketchviz - A command line clone of https://sketchviz.com/
AirIAM - Least privilege AWS IAM Terraformer
dot-to-ascii - Graphviz to ASCII converter using Graph::Easy
d3-dag - Layout algorithms for visualizing directed acyclic graphs