diff --git a/docs/aws/services/IAM.md b/docs/aws/services/IAM.md index 1e94de7..bfb5274 100644 --- a/docs/aws/services/IAM.md +++ b/docs/aws/services/IAM.md @@ -522,8 +522,8 @@ The IAM credential report lists all IAM Users and the states of all their creden ## Common Tooling +- - An SMT solver that mimics the AWS IAM policy resolution engine, and will answer questions on who can do what in an AWS account. - - Graph-based IAM permissions analysis for individual accounts or Organizations. -- - A graph-based tool for visualizing effective access and resource relationships in an AWS account. - - IAM linting library in python, looks for policy errors and bad practices. - - Identifies data exfiltration, infrastructure modification, resource exposure, and privilege escalation issues with policies in an account. - - Least privilege policy generator. @@ -531,11 +531,7 @@ The IAM credential report lists all IAM Users and the states of all their creden - - AWS exploitation framework. - - Cloud infrastructure relationship mapping, with good support for IAM. - - External enumeration of IAM users and roles. - -### Internal Tooling - -- [iamspy](https://git2.f-secure.com/cloud/aws/iamspy) - An SMT solver that mimics the AWS IAM policy resolution engine, and will answer questions on who can do what in an AWS account. -- [iam-hunter](https://git2.f-secure.com/cloud/aws/iam-hunter) - Highlights dangerous roles across an entire AWS organization based on known privilege escalation techniques. +- - A graph-based tool for visualizing effective access and resource relationships in an AWS account. Unmaintained, but still sometimes useful. ## External References
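Review bot: In the first hunk (@@ -522,8 +522,8), the new top entry under "Common Tooling" takes its description word for word from the iamspy entry removed from "Internal Tooling", whose link pointed at git2.f-secure.com. Please confirm that the link on the added line targets a publicly reachable repository and not that internal host, since readers of the public list cannot follow an internal URL. As shown here the added line reads "- - An SMT solver that mimics ..." with no visible tool name, so also check that the link text renders.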
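Review bot: In the second hunk (@@ -531,11 +531,7), removing the "Internal Tooling" section drops the iam-hunter entry entirely, while iamspy is carried over to "Common Tooling". If that is deliberate because iam-hunter stays internal, say so in the commit message; otherwise the organization-wide privilege escalation coverage it described is no longer listed anywhere. The re-added graph-based visualization entry now ends with "Unmaintained, but still sometimes useful.", which gives the reader little to act on; consider naming which maintained entry in the list to prefer, for example the graph-based IAM permissions analysis tool kept near the top.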