iamzero-python
introspector
iamzero-python | introspector | |
---|---|---|
1 | 1 | |
4 | 66 | |
- | - | |
0.0 | 0.0 | |
over 1 year ago | over 2 years ago | |
Python | Python | |
Apache License 2.0 | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
iamzero-python
-
IAM Zero: I built a tool which automatically suggests least-privilege IAM policies for AWS CDK infrastructure
The findings in the video came from our Python client library which was used to instrument some Python scripts.
introspector
-
Open source: Catch AWS resource policy backdoors
And if you want to do some code review, it depends on supabase's postgres container and introspector
What are some alternatives?
scapy - Scapy: the Python-based interactive packet manipulation program & library.
PMapper - A tool for quickly evaluating IAM permissions in AWS.
client_python - Prometheus instrumentation library for Python applications
rds-auth-proxy - A "passwordless" login experience for your AWS RDS
ElectricEye - ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
pyccolo - Declarative instrumentation for Python.
applied-security - A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Cybersecurity
iamzero - Identity & Access Management simplified and secure.
aws-allowlister - Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
metabadger - Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
varc - Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.