iamzero-python
PMapper
iamzero-python | PMapper | |
---|---|---|
1 | 7 | |
4 | 1,333 | |
- | 1.3% | |
0.0 | 0.0 | |
over 1 year ago | 7 months ago | |
Python | Python | |
Apache License 2.0 | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
iamzero-python
-
IAM Zero: I built a tool which automatically suggests least-privilege IAM policies for AWS CDK infrastructure
The findings in the video came from our Python client library which was used to instrument some Python scripts.
PMapper
-
How to conduct security assesment of AWS?
In addition to ScoutSuite, I recommend PMapper. https://github.com/nccgroup/PMapper
-
Anyone tried to create a halfway decent least privilege policy for a CDK deployment?
There are tons of other escape hatches, so it's a pretty big moving target. If you'd like to get a hint about your setup, I'd suggest trying: https://github.com/nccgroup/PMapper
- Do you know a way to visulize access flow between users and resources?
-
Graphviz: Open-source graph visualization software
I maintain an open-source project [1] that uses graphs to model data. I wanted to make my project as accessible as possible, so Graphviz was perfect since it's dead-simple to install and use on all major OS platforms.
[1] https://github.com/nccgroup/PMapper
- Principal Mapper v1.1.0 - AWS IAM Security Analysis
-
Show HN: Principal Mapper v1.1.0 – AWS IAM Security Analysis
Hi HN!
Principal Mapper is a tool + library for analyzing and securing your AWS IAM configuration. It generates a model of your account and/or organization and uses it to give you a better idea of the effective permissions of your IAM Users and Roles. It has privilege escalation detection built-in and is hopefully written in a way that will let you extend it for your use-cases.
This v1.1.0 update covers more types of policies (resource policies, permission boundaries, session policies, SCPs), supports AWS Organizations, enables cross-account checks, and more!
https://github.com/nccgroup/PMapper
Happy to answer any questions you have here!
What are some alternatives?
introspector - A schema and set of tools for using SQL to query cloud infrastructure.
awesome-aws - A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.
scapy - Scapy: the Python-based interactive packet manipulation program & library.
data-science-ipython-notebooks - Data science Python notebooks: Deep learning (TensorFlow, Theano, Caffe, Keras), scikit-learn, Kaggle, big data (Spark, Hadoop MapReduce, HDFS), matplotlib, pandas, NumPy, SciPy, Python essentials, AWS, and various command lines.
client_python - Prometheus instrumentation library for Python applications
policy_sentry - IAM Least Privilege Policy Generator
pyccolo - Declarative instrumentation for Python.
aws-leastprivilege - Generates an IAM policy for the CloudFormation service role that adheres to least privilege.
iamzero - Identity & Access Management simplified and secure.
AirIAM - Least privilege AWS IAM Terraformer
d3-dag - Layout algorithms for visualizing directed acyclic graphs
DFB - A mini development environment for developing and troubleshooting the Cypress PSoC Digital Filter Block