AWS-IAM-Privilege-Escalation
AWS IAM exploits
A collection of research and documentation on methods for exploiting weaknesses in AWS IAM to gain unauthorized access
A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
901 stars
33 watching
118 forks
last commit: over 5 years ago
Linked from 2 awesome lists
4ndersonlin/awesome-cloud-security
teamssix/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
| rhinosecuritylabs/gcp-iam-privilege-escalation | A collection of GCP IAM privilege escalation methods and their associated tools | 351 |
 bishopfox/iam-vulnerable | A tool to create a vulnerable AWS IAM configuration playground | 482 |
 salesforce/cloudsplaining | A tool that scans AWS IAM policies to identify security vulnerabilities and generates a report with recommendations for remediation | 2,009 |
 bridgecrewio/airiam | Automates removal of unnecessary AWS IAM resources and generates least privilege Terraform configurations. | 778 |
| rhinosecuritylabs/security-research | Exploits and security research written by a team of experts | 1,064 |
 andresriancho/enumerate-iam | A tool to automatically enumerate permissions associated with AWS credentials | 1,105 |
| rhinosecuritylabs/cloud-security-research | Publishing research findings on cloud security vulnerabilities and exploitation techniques | 358 |
| salesforce/policy_sentry | Automates the creation of least-privilege IAM policies for AWS services | 2,028 |
| rhinosecuritylabs/pacu | An AWS exploitation framework designed to test the security of Amazon Web Services environments | 4,422 |
 awslabs/aws-iam-generator | Automates AWS IAM user and group creation based on configuration files. | 241 |
 welldone-cloud/aws-lint-iam-policies | Tools to analyze and report on AWS IAM policies for security best practices | 119 |
 netflix/consoleme | A tool for managing AWS IAM permissions and access across multiple accounts and users | 3,153 |
 ayoul3/privesc | Tools for exploiting privilege escalation vulnerabilities on z/OS systems | 79 |
 sslab-gatech/pwn2own2020 | An exploitation project demonstrating how to chain vulnerabilities in Safari to escalate privilege on macOS | 404 |
 aabyss-team/awskeytools | A tool for exploiting access key leaks in AWS cloud environments | 358 |