Skip to content

MaxwellCaron/sam-IAM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

11 Commits
sam-iam
sam-iam
Β 
Β 
.gitignore
.gitignore
Β 
Β 
README.md
README.md
Β 
Β 
requirements.txt
requirements.txt
Β 
Β 

Repository files navigation

sam-IAM

Python brute force and enumeration script to determine what IAM permissions a specific AWS user has.


usage: main.py [-h] [--access-key ACCESS_KEY] [--secret-key SECRET_KEY] [--session-token SESSION_TOKEN] [--profile PROFILE] [--region REGION] [--no-border]

options:
  -h, --help            show this help message and exit
  --access-key ACCESS_KEY
                        Access key for the API. If provided, secret key is also required.
  --secret-key SECRET_KEY
                        Secret key for the API.
  --session-token SESSION_TOKEN
                        Token for the API session.
  --profile PROFILE     AWS profile to use in requests.
  --region REGION       AWS region to inspect.
  --no-border           Removes pretty bordering for easy copy and paste.

Example

                                               
                                                 ╔══════╗                                                 
═════════════════════════════════════════════════╣ User ╠═════════════════════════════════════════════════
                                                 β•šβ•β•β•β•β•β•β•                                                 
                                               
╔══════════╣ Attached
β•‘                                                                                              
β•‘ [+] Found 1 Attached Policy                                                                  
β•‘      
β•‘  
╠═════╣ [1] PublicSnapper (arn:aws:iam::104506445608:policy/PublicSnapper)
β•‘                      
╠══╣ Get-Policy         
β•‘ {              
β•‘     "PolicyName": "PublicSnapper",
β•‘     "PolicyId": "ANPARQVIRZ4UD6B2PNSLD",
β•‘     "Arn": "arn:aws:iam::104506445608:policy/PublicSnapper",
β•‘     "Path": "/",   
β•‘     "DefaultVersionId": "v9",
β•‘     "AttachmentCount": 1,
β•‘     "PermissionsBoundaryUsageCount": 0,
β•‘     "IsAttachable": true,
β•‘     "CreateDate": "2023-06-10 22:33:41+00:00",
β•‘     "UpdateDate": "2024-01-15 23:47:11+00:00",                                      
β•‘     "Tags": []                                                                     
β•‘ }                                                                                  
β•‘             
╠══╣ Get-Policy-Version
β•‘ {                                                                  
β•‘     "Sid": "Intern1",                                               
β•‘     "Effect": "Allow",                                               
β•‘     "Action": "ec2:DescribeSnapshotAttribute",
β•‘     "Resource": "arn:aws:ec2:us-east-1::snapshot/snap-0c0679098c7a4e636"
β•‘ }                                                                       
β•‘ {                                                                       
β•‘     "Sid": "Intern2",                                                   
β•‘     "Effect": "Allow",
β•‘     "Action": "ec2:DescribeSnapshots",                                                       
β•‘     "Resource": "*"
β•‘ }
β•‘ {
β•‘     "Sid": "Intern3",
β•‘     "Effect": "Allow",
β•‘     "Action": [
β•‘         "iam:GetPolicyVersion",
β•‘         "iam:GetPolicy",
β•‘         "iam:ListAttachedUserPolicies"
β•‘     ],
β•‘     "Resource": [
β•‘         "arn:aws:iam::104506445608:user/intern",
β•‘         "arn:aws:iam::104506445608:policy/PublicSnapper"
β•‘     ]
β•‘ }
β•‘ {
β•‘     "Sid": "Intern4",
β•‘     "Effect": "Allow",
β•‘     "Action": [
β•‘         "ebs:ListSnapshotBlocks",
β•‘         "ebs:GetSnapshotBlock"
β•‘     ],
β•‘     "Resource": "*"
β•‘ }

╔══════════╣ Inline
 Access Denied

                                      ╔════════════════════════════╗                                      
══════════════════════════════════════╣ "intern" Group Memberships ╠══════════════════════════════════════
                                      β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•                                      
 Access Denied

                                             ╔══════════════╗                                             
═════════════════════════════════════════════╣ Other Groups ╠═════════════════════════════════════════════
                                             β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•                                             
 Access Denied

                                                ╔═══════╗                                                 
════════════════════════════════════════════════╣ Roles ╠═════════════════════════════════════════════════
                                                β•šβ•β•β•β•β•β•β•β•                                                 
 Access Denied

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages