aws-iam-analyser
AWS IAM analysis utility to gather all useful information from an AWS account
It is essential to find similar sheets discussing privilege escalation and weaknesses in AWS in order to create their rules as well and make the required recommendations: https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation
Maybe good to check with https://github.com/xebia/xsec-scripts/issues/2 if some other checks might be missing in terms of getting the IAM data.
Check if there is a risk of the confused deputy given the value-chain the account under inspection is in.
Why is this module imported? I don't see the actual benefit of using it. It's only used on the extract function, and that could be handled in a much better...
Across the functions, it's mostly `output` and `response`. What is the expected output, what is the response? Variables should be better declared to fit their functionality and the purpose being...
Following the hitchhiker's guide to [structuring](https://docs.python-guide.org/writing/structure/), the `app.py` file should be named based on the project name.
Exceptions are per function, and not set in a global manner. Functions should raise the exceptions, and they should be handled in main. The exceptions set as well are extremely...
The objects in the file are created as globals to the file, which is bad practice. In order to solve this, functions will handle input parameters specific to what they...