ncc-erik-steringer
ncc-erik-steringer
v1.2.0
* Add Python 3.10 support * Added Glue edges * Added Data Pipeline edges * Added support for other partitions (`aws-us-gov`, `aws-cn`) * Fixed service-linked role checks * Dropped Python...
Feature idea: `pmapper graph delete` to allow folks to delete graphs off their disk. Same for `pmapper orgs delete`
PMapper is not equipped to handle GovCloud or AWS China. Here's a list of work that needs to be done to add support: - [x] Change how we store info...
Pulling in some lessons learned from the "iam-vulnerable" project: https://github.com/BishopFox/iam-vulnerable . TODO: 1. Apply the following Terraform files and verify the noted permission combinations lead to Edges. 1. https://github.com/BishopFox/iam-vulnerable/blob/main/modules/free-resources/privesc-paths/privesc18-PassExistingRoleToNewGlueDevEndpoint.tf 2....
**Scenario:** Imagine someone has permissions to change their own group memberships? That affects the effective permissions of the nodes. **Solutions:** * Evaluate the `iam:*Group*` actions _while_ doing queries. Probably slow...
An idea for a preset query is to see which users can read their own permissions.
The ScoutSuite tool, when ran against AWS, pulls enough resource data from the account that it should be possible to construct a Graph in PMapper with it. This might save...
Need to add full installation support. Looks like we're missing: * `setup.py` * `manifest`
I am calling the `ListUsers` operation to list out the IAM Users in my account. Among the elements in the response, I was looking for `PermissionsBoundary`. Per my reading of...
In this demo, we give the operators group access to call iam:CreateAccessKey for other users in the account. However, this should lead to a PMapper test case failing, since this...