PurplePanda
Permission scanner
A tool that identifies privilege escalation paths in cloud and saas applications by analyzing permissions across multiple platforms.
Identify privilege escalation paths within and across different clouds
673 stars
8 watching
82 forks
Language: Python
last commit: 3 months ago
Linked from 1 awesome list
cloudgcpgithubkubernetesprivesc
teamssix/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 andresriancho/enumerate-iam | A tool to automatically enumerate permissions associated with AWS credentials | 1,105 |
| carlospolop/legion | An automatic enumeration tool that uses open-source utilities to discover and extract information from network services. | 887 |
 rhinosecuritylabs/gcp-iam-privilege-escalation | A collection of GCP IAM privilege escalation methods and their associated tools | 351 |
| rhinosecuritylabs/gcpbucketbrute | Scripts to enumerate and analyze Google Storage bucket permissions | 494 |
 cyberark/kubiscan | Automates the identification of risky permissions in Kubernetes clusters. | 1,329 |
| andresriancho/nimbostratus | Tools to discover vulnerabilities in Amazon cloud infrastructure | 448 |
 nccgroup/pmapper | A tool to model and analyze IAM permissions in AWS accounts | 1,436 |
 mitchmoser/lacheck | A tool designed to enumerate local administrative privileges on Windows systems using various protocols | 83 |
 sleventyeleven/linuxprivchecker | A tool for identifying potential vulnerability points in Linux systems | 1,590 |
 netflix/consoleme | A tool for managing AWS IAM permissions and access across multiple accounts and users | 3,153 |
 spencerdodd/kernelpop | Automated framework for discovering and exploiting kernel vulnerabilities on Linux and macOS. | 687 |
 adamchainz/django-permissions-policy | A Django app that sets the Permissions-Policy HTTP header to control third-party feature access | 100 |
 marcin-kolda/gcp-iam-collector | A tool that collects and visualizes IAM permissions from Google Cloud Platform projects. | 50 |
 chris408/ct-exposer | An OSINT tool that searches Certificate Transparency logs to discover sub-domains | 469 |
 vintasoftware/django-role-permissions | A Django app that extends user Group and Permission functionalities to implement role-based permissions | 730 |