Repokid | - Removes permissions granting access to unused services from the inline policies of IAM roles in an AWS account
|
Cloudsplaining | - Scans accounts for violations of Least Privilege and identifies policies that can lead to Privilege Escalation, Data Exfiltration, Resource Exposure, and Infrastructure Modification
|
AirIAM | - Compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform that replaces the existing IAM management method
|
CloudTracker | - Helps find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies
|
AWS Key Disabler | - A small Lambda script that disables access keys older than a given number of days
|
SkyArk | - Discovers the most privileged entities in the target AWS/Azure environments, including Shadow Admins
|
SkyWrapper | - Analyzes behaviors of temporary tokens
- Aims to find suspicious creation forms and uses of temporary tokens to detect malicious activity in the account
- The tool analyzes the AWS account and creates an Excel sheet that includes all the currently living temporary tokens
|