primeharbor/sensitive_iam_actions external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

primeharbor/sensitive_iam_actions

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/primeharbor/sensitive_iam_actions)

Close

primeharbor / sensitive_iam_actionsView on GitHubMore

• External links
• Readme badge

Crowdsourced list of sensitive IAM Actions

☆159Oct 29, 2024Updated last year

Alternatives and similar repositories for sensitive_iam_actions

Users that are interested in sensitive_iam_actions are comparing it to the libraries listed below

• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆135Oct 23, 2023Updated 2 years ago
• caizencloud / caizen

  View on GitHub
  Harness the security superpowers of your cloud asset inventory
  ☆11Sep 22, 2024Updated last year
• tenable / access-undenied-aws

  View on GitHub
  Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-s…
  ☆267Jan 26, 2023Updated 3 years ago
• Fennerr / PMapper

  View on GitHub
  A tool for quickly evaluating IAM permissions in AWS.
  ☆76May 27, 2024Updated last year
• orcasecurity / orca-toolbox

  View on GitHub
  ☆124May 26, 2025Updated 9 months ago
• SecurityRunners / CloudCommotion

  View on GitHub
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆146Jun 18, 2024Updated last year
• iann0036 / iam-dataset

  View on GitHub
  A consolidated series of structured data for cloud identity and access management systems, including datasets for AWS, Azure, and Google …
  ☆301Updated this week
• ReversecLabs / IAMSpy

  View on GitHub
  ☆229Feb 24, 2026Updated last week
• RhinoSecurityLabs / IAMActionHunter

  View on GitHub
  An AWS IAM policy statement parser and query tool.
  ☆198Feb 10, 2026Updated 3 weeks ago
• SummitRoute / aws_exposable_resources

  View on GitHub
  Resource types that can be publicly exposed on AWS
  ☆331Feb 23, 2022Updated 4 years ago
• Permiso-io-tools / CloudConsoleCartographer

  View on GitHub
  Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl…
  ☆173May 16, 2024Updated last year
• righteousgambit / quiet-riot

  View on GitHub
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆283Nov 27, 2025Updated 3 months ago
• aws-samples / data-perimeter-policy-examples

  View on GitHub
  Example policies demonstrating how to implement a data perimeter on AWS.
  ☆193Updated this week
• fwdcloudsec / known_aws_accounts

  View on GitHub
  List of known AWS accounts
  ☆257Feb 6, 2026Updated 3 weeks ago
• aws-samples / service-control-policy-examples

  View on GitHub
  Example AWS Service control policies to get started or mature your usage of AWS SCPs.
  ☆285Updated this week
• glassechidna / trackiam

  View on GitHub
  A project to collate IAM actions, AWS APIs and managed policies from various public sources.
  ☆302Updated this week
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆174Feb 22, 2026Updated last week
• tenable / cnappgoat

  View on GitHub
  CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.
  ☆293Sep 4, 2024Updated last year
• cloud-copilot / iam-expand

  View on GitHub
  Expand IAM Actions with Wildcards
  ☆34Feb 25, 2026Updated last week
• aquia-inc / aws-guardduty-runbook-generator

  View on GitHub
  Generates runbooks for GuardDuty findings
  ☆38Jun 24, 2024Updated last year
• zoph-io / aws-security-survival-kit

  View on GitHub
  Bare minimum AWS Security Alerting and Secure by default Configuration
  ☆513May 15, 2025Updated 9 months ago
• PaloAltoNetworks / IAM-Deescalate

  View on GitHub
  IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)
  ☆98Sep 14, 2022Updated 3 years ago
• welldone-cloud / aws-scps-for-sandbox-and-training-accounts

  View on GitHub
  Collection of example Service Control Policies (SCPs) that are useful for sandbox and training AWS accounts.
  ☆161Dec 22, 2025Updated 2 months ago
• cloudandthings / terraform-aws-clickops-notifier

  View on GitHub
  Get notified when actions are taken in the AWS Console.
  ☆330Jan 20, 2025Updated last year
• StateFarmIns / CLAWS

  View on GitHub
  This application was built to help reduce the amount of time it takes to review AWS Lambda code.
  ☆61Nov 11, 2024Updated last year
• cloud-copilot / iam-collect

  View on GitHub
  Collect IAM information from all your AWS organization, accounts, and resources.
  ☆86Updated this week
• Frichetten / aws-api-models

  View on GitHub
  A collection of documented and undocumented AWS API models
  ☆53Nov 21, 2025Updated 3 months ago
• salesforce / aws-allowlister

  View on GitHub
  Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frame…
  ☆224Aug 11, 2023Updated 2 years ago
• FogSecurity / aws-encryption-tracker

  View on GitHub
  Tracker for Encryption by Default for AWS Resources
  ☆14Apr 10, 2025Updated 10 months ago
• welldone-cloud / aws-list-resources

  View on GitHub
  Uses the AWS Cloud Control API to list resources that are present in a given AWS account and region(s). Discovered resources are written …
  ☆182Dec 21, 2025Updated 2 months ago
• hotnops / apeman

  View on GitHub
  AWS Attack Path Management Tool - Walking on the Moon
  ☆262Dec 5, 2024Updated last year
• glassechidna / config2jsonlines

  View on GitHub
  Transform AWS Config snapshots to a more AWS Athena-friendly format.
  ☆11Aug 26, 2020Updated 5 years ago
• CloudWanderer-io / PolicyGlass

  View on GitHub
  PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…
  ☆60Jan 9, 2022Updated 4 years ago
• offensive-actions / azure-storage-reverse-shell

  View on GitHub
  This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs
  ☆39Sep 25, 2024Updated last year
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• widdix / aws-amicleaner

  View on GitHub
  To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. …
  ☆36Feb 24, 2026Updated last week
• aws-samples / aws-customer-playbook-framework

  View on GitHub
  This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
  ☆649Updated this week
• Netflix-Skunkworks / policyuniverse

  View on GitHub
  Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.
  ☆447Jun 21, 2024Updated last year
• DataDog / undocumented-aws-api-hunter

  View on GitHub
  A tool to uncover undocumented APIs from the AWS Console.
  ☆116Apr 29, 2025Updated 10 months ago