InfluxDB Platform is powered by columnar analytics, optimized for cost-efficient storage, and built with open data standards. Learn more →
Enumerate-iam Alternatives
Similar projects and alternatives to enumerate-iam
-
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
-
Scout Monitoring
Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.
-
-
-
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
-
-
-
-
InfluxDB
Purpose built for real-time analytics at any scale. InfluxDB Platform is powered by columnar analytics, optimized for cost-efficient storage, and built with open data standards.
enumerate-iam discussion
enumerate-iam reviews and mentions
- Boletín AWS Open Source, June Edition
-
The TISC 2022 Writeup
┌──(kali㉿kali)-[/tmp] └─$ git clone https://github.com/andresriancho/enumerate-iam.git Cloning into 'enumerate-iam'... remote: Enumerating objects: 56, done. remote: Total 56 (delta 0), reused 0 (delta 0), pack-reused 56 Receiving objects: 100% (56/56), 33.63 KiB | 3.74 MiB/s, done. Resolving deltas: 100% (25/25), done. ┌──(kali㉿kali)-[/tmp] └─$ cd enumerate-iam ┌──(kali㉿kali)-[/tmp/enumerate-iam] └─$ ┌──(kali㉿kali)-[/tmp/enumerate-iam] └─$ python3 ./enumerate-iam.py --access-key AKIAQYDFBGMSUFX5522K --secret-key 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 2022-09-08 10:29:30,843 - 13773 - [INFO] Starting permission enumeration for access-key-id "AKIAQYDFBGMSUFX5522K" 2022-09-08 10:29:32,363 - 13773 - [INFO] -- Account ARN : arn:aws:iam::051751498533:user/user-b464a9d644194b0dafc3d166d36d5c4e 2022-09-08 10:29:32,364 - 13773 - [INFO] -- Account Id : 051751498533 2022-09-08 10:29:32,364 - 13773 - [INFO] -- Account Path: user/user-b464a9d644194b0dafc3d166d36d5c4e 2022-09-08 10:29:32,615 - 13773 - [INFO] Attempting common-service describe / list brute force. 2022-09-08 10:29:35,551 - 13773 - [INFO] -- ec2.describe_regions() worked! 2022-09-08 10:29:36,374 - 13773 - [INFO] -- ec2.describe_vpcs() worked! 2022-09-08 10:29:36,790 - 13773 - [INFO] -- ec2.describe_subnets() worked! 2022-09-08 10:29:36,925 - 13773 - [INFO] -- ec2.describe_route_tables() worked! /home/kali/.local/lib/python3.9/site-packages/botocore/client.py:621: FutureWarning: The rds client is currently using a deprecated endpoint: rds.amazonaws.com. In the next minor version this will be moved to rds.us-east-1.amazonaws.com. See https://github.com/boto/botocore/issues/2705 for more details. warnings.warn( 2022-09-08 10:29:37,139 - 13773 - [INFO] -- ec2.describe_security_groups() worked! /home/kali/.local/lib/python3.9/site-packages/botocore/client.py:621: FutureWarning: The sqs client is currently using a deprecated endpoint: queue.amazonaws.com. In the next minor version this will be moved to sqs.us-east-1.amazonaws.com. See https://github.com/boto/botocore/issues/2705 for more details. warnings.warn( /home/kali/.local/lib/python3.9/site-packages/botocore/client.py:621: FutureWarning: The shield client is currently using a deprecated endpoint: shield.us-east-1.amazonaws.com. In the next minor version this will be moved to shield.us-east-1.amazonaws.com. See https://github.com/boto/botocore/issues/2705 for more details. warnings.warn( 2022-09-08 10:29:45,719 - 13773 - [INFO] -- dynamodb.describe_endpoints() worked! /home/kali/.local/lib/python3.9/site-packages/botocore/client.py:621: FutureWarning: The health client is currently using a deprecated endpoint: health.us-east-1.amazonaws.com. In the next minor version this will be moved to global.health.amazonaws.com. See https://github.com/boto/botocore/issues/2705 for more details. warnings.warn( 2022-09-08 10:29:49,024 - 13773 - [INFO] -- sts.get_session_token() worked! 2022-09-08 10:29:49,284 - 13773 - [INFO] -- sts.get_caller_identity() worked! 2022-09-08 10:29:51,080 - 13773 - [INFO] -- iam.list_roles() worked! 2022-09-08 10:29:52,409 - 13773 - [INFO] -- iam.list_instance_profiles() worked! 2022-09-08 10:29:55,985 - 13773 - [ERROR] Remove globalaccelerator.describe_accelerator_attributes action
-
What can you do in an AWS infrastructure with some leaked credentials? Analysis of what attackers do + How to protect both cloud services and containers using AWS services.
The first thing to do would be to enumerate the permissions that the user has, using the many APIs available, easily automated with this great tool: https://github.com/andresriancho/enumerate-iam
-
A note from our sponsor - InfluxDB
www.influxdata.com | 14 Sep 2024
Stats
andresriancho/enumerate-iam is an open source project licensed under GNU General Public License v3.0 only which is an OSI approved license.
The primary programming language of enumerate-iam is Python.