Show HN: Principal Mapper v1.1.0 – AWS IAM Security Analysis(github.com)
github.com
Show HN: Principal Mapper v1.1.0 – AWS IAM Security Analysis
https://github.com/nccgroup/PMapper
3 comments
Thanks for the tool! Will it be integrated into ScoutSuite or remain a stand-alone tool?
It will stand alone, but I keep in touch with the ScoutSuite folks. I'm thinking at some point I'll build in graph-creation based off of ScoutSuite's data collection.
Principal Mapper is a tool + library for analyzing and securing your AWS IAM configuration. It generates a model of your account and/or organization and uses it to give you a better idea of the effective permissions of your IAM Users and Roles. It has privilege escalation detection built-in and is hopefully written in a way that will let you extend it for your use-cases.
This v1.1.0 update covers more types of policies (resource policies, permission boundaries, session policies, SCPs), supports AWS Organizations, enables cross-account checks, and more!
https://github.com/nccgroup/PMapper
https://research.nccgroup.com/2021/03/29/tool-release-princi...
Happy to answer any questions you have here!