The following code will attempt to enumerate operations that a given set of AWS AccessKeys can perform.
Usage: enumerate-iam.py [OPTIONS]
IAM Account Enumerator.
shdobxr
/ auth.sh
Created
August 14, 2019 15:04
— forked from stumyp/auth.sh
simple bash script for getting STS credentials exported as env variables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| unset AWS_ACCESS_KEY_ID | |
| unset AWS_SECRET_ACCESS_KEY | |
| unset AWS_SECURITY_TOKEN | |
| unset AWS_SESSION_TOKEN | |
| while getopts "e:u:p:s:t:f:" arg ; do | |
| case $arg in | |
| p) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| sudo apt-get update \ | |
| && sudo apt-get install -qy docker.io | |
| sudo apt-get update \ | |
| && sudo apt-get install -y apt-transport-https \ | |
| && curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - | |
shdobxr
/ crt.sh
Created
January 9, 2019 20:01
— forked from 1N3/crt.sh
A small bash script to gather all certificate sub-domains from crt.sh and save them to a file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # crt.sh sub-domain check by 1N3@CrowdShield | |
| # https://crowdshield.com | |
| # | |
| OKBLUE='\033[94m' | |
| OKRED='\033[91m' | |
| OKGREEN='\033[92m' | |
| OKORANGE='\033[93m' |
shdobxr
/ EnumerateIam.md
Created
January 4, 2019 20:03
— forked from darkarnium/EnumerateIam.md
A quick and VERY dirty IAM enumeration tool.
shdobxr
/ ec2-get-security-credentials
Created
September 13, 2018 19:29
— forked from fgassert/ec2-get-security-credentials
gets iam security credentials from instance metadata and writes them to awscli environment variables and .s3cfg (for s3cmd)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # gets iam security credentials from instance metadata and writes them to | |
| # awscli environment variables and .s3cfg (for s3cmd) | |
| # Usage: ec2-get-security-credentials ROLENAME DEFAULT_REGION | |
| # ROLE=$1 | |
| # DEFAULT_REGION=$2 | |
shdobxr
/ get-aws-metadata
Created
October 27, 2017 15:12
— forked from xuwang/get-aws-metadata
Utility script to get commonly used AWS instance metadata (e.g., id, role, account, region, security credentials etc.). Just need curl.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Retrieve AWS instrance's commonly used metadata. Require curl. | |
| # ./get-metadata help | |
| # ./get-metadata id | |
| # Input is case insensitive; format to uppper case to generate self-help page. | |
| info=${1^^} | |
| meta_data_url=http://169.254.169.254/latest/meta-data/ | |
| roleProfile=$(curl -s http://169.254.169.254/latest/meta-data/iam/info \ | |
| | grep -Eo 'instance-profile/([a-zA-Z.-]+)' | sed 's#instance-profile/##') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| aws iam generate-credential-report | |
| aws iam get-credential-report --output text --query Content | base64 -D |