Alternatives and similar repositories for IAM-Deescalate

Users that are interested in IAM-Deescalate are comparing it to the libraries listed below

• BishopFox / iam-vulnerable

  View on GitHub
  Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
  ☆544Sep 11, 2025Updated 5 months ago
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• orcasecurity / orca-toolbox

  View on GitHub
  ☆124May 26, 2025Updated 8 months ago
• wiz-sec-public / namespacehound

  View on GitHub
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆111Jan 2, 2025Updated last year
• nccgroup / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆1,539Aug 2, 2024Updated last year
• zoph-io / aws-security-survival-kit

  View on GitHub
  Bare minimum AWS Security Alerting and Secure by default Configuration
  ☆511May 15, 2025Updated 9 months ago
• SummitRoute / aws_exposable_resources

  View on GitHub
  Resource types that can be publicly exposed on AWS
  ☆329Feb 23, 2022Updated 3 years ago
• Frichetten / aws_api_shapeshifter

  View on GitHub
  A small library to alter AWS API requests; Used for fuzzing research
  ☆22Nov 2, 2023Updated 2 years ago
• clearvector / lambda-spy

  View on GitHub
  ☆35Jan 27, 2023Updated 3 years ago
• awslabs / aws-security-assessment-solution

  View on GitHub
  An AWS tool to help you create a point in time assessment of your AWS account using Prowler.
  ☆590Nov 12, 2025Updated 3 months ago
• sbasu7241 / AWS-Threat-Simulation-and-Detection

  View on GitHub
  Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
  ☆308Jan 6, 2023Updated 3 years ago
• ncc-erik-steringer / Aerides

  View on GitHub
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Jan 18, 2022Updated 4 years ago
• ReversecLabs / IAMSpy

  View on GitHub
  ☆228Jan 29, 2026Updated 2 weeks ago
• RhinoSecurityLabs / IAMActionHunter

  View on GitHub
  An AWS IAM policy statement parser and query tool.
  ☆197Updated this week
• miao2sec / collect-cloud-native-sec-vuln

  View on GitHub
  云原生安全漏洞收集
  ☆18Jul 9, 2025Updated 7 months ago
• onemorepereira / aws-sso-reporter

  View on GitHub
  AWS SSO Reporter
  ☆55May 7, 2025Updated 9 months ago
• synopsys-sig / tslint-angular-security

  View on GitHub
  TSLint rules for Angular
  ☆18Nov 30, 2018Updated 7 years ago
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• salesforce / cloudsplaining

  View on GitHub
  Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…
  ☆2,180Updated this week
• Rezonate-io / github-oidc-checker

  View on GitHub
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆61May 15, 2023Updated 2 years ago
• kpolley / slackurity

  View on GitHub
  Slack bot which promotes Defense in Depth/Zero Trust security practices
  ☆24Jan 17, 2023Updated 3 years ago
• tenchi-security / camp

  View on GitHub
  CloudSplaining on AWS Managed Policies
  ☆44Sep 8, 2025Updated 5 months ago
• PankajMoolrajani / access-snipper

  View on GitHub
  Automated least-privilege enforcement for AWS IAM. Analyzes CloudTrail data to compute permission utilization metrics and generates polic…
  ☆13Jan 12, 2026Updated last month
• CloudWanderer-io / PolicyGlass

  View on GitHub
  PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…
  ☆60Jan 9, 2022Updated 4 years ago
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,252Feb 6, 2026Updated last week
• DataDog / threatest

  View on GitHub
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆339Updated this week
• hotnops / AWSRoleJuggler

  View on GitHub
  A toolset to juggle AWS roles for persistent access
  ☆62Aug 14, 2024Updated last year
• flosell / trailscraper

  View on GitHub
  A command-line tool to get valuable information out of AWS CloudTrail
  ☆830Updated this week
• NetSPI / AWSSigner

  View on GitHub
  Burp Extension for AWS Signing
  ☆90Jan 10, 2025Updated last year
• tobilg / aws-lambda-api-call-recorder

  View on GitHub
  A recorder of AWS API calls for Lambda functions
  ☆15Sep 15, 2020Updated 5 years ago
• cedowens / Dylib_Runner

  View on GitHub
  Swift code to run a dylib on disk
  ☆16May 9, 2022Updated 3 years ago
• naman16 / AWS-Security-Guardrails-TF

  View on GitHub
  ☆31Oct 28, 2024Updated last year
• marco-lancini / utils

  View on GitHub
  Useful scripts, Docker images, docker-compose apps, and Terraform modules.
  ☆149Feb 1, 2026Updated 2 weeks ago
• Frichetten / aws-api-models

  View on GitHub
  A collection of documented and undocumented AWS API models
  ☆53Nov 21, 2025Updated 2 months ago
• stafordtituss / HazProne

  View on GitHub
  HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…
  ☆40Jul 15, 2022Updated 3 years ago
• tenable / cnappgoat

  View on GitHub
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆293Sep 4, 2024Updated last year
• cloud-copilot / iam-expand

  View on GitHub
  Expand IAM Actions with Wildcards
  ☆34Updated this week
• aidansteele / centralized-logs

  View on GitHub
  Centralizing AWS CloudWatch log forwarding via EventBridge and Step Functions
  ☆48Feb 12, 2023Updated 3 years ago
• goldfiglabs / rpCheckup

  View on GitHub
  rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, …
  ☆162Apr 22, 2021Updated 4 years ago