enumerate-iam
Enumerate IAM permissions on AWS using brute force
Cloud & Assets4 commands
#aws#iam#permissions#enumerate
Installation
1Clone the repository
2Install dependencies
3Verify installation
git clone https://github.com/andresriancho/enumerate-iam.git
cd enumerate-iam
pip install -r requirements.txt
# Verify
python3 enumerate-iam.py --helpBasic Usage
Brute force IAM permissions to determine effective access
# Basic enumeration with access keys
python3 enumerate-iam.py --access-key AKIA... --secret-key ...
# With session token
python3 enumerate-iam.py --access-key AKIA... --secret-key ... --session-token ...
# Output to file
python3 enumerate-iam.py --access-key AKIA... --secret-key ... -o results.jsonCommand Reference
4 commands
1AWS access key ID
--access-key2AWS secret access key
--secret-key3AWS session token (if using STS)
--session-token4Output file for results
-oWhen to Use
1
Determining effective IAM permissions for an AWS key2
Privilege escalation path discovery3
Post-exploitation AWS environment assessmentNotes & Tips
1
Does not require any permissions to start — uses brute force enumeration2
May generate CloudTrail logs3
Use only with proper authorizationCommon Errors & Solutions
Invalid access key
Verify the AWS access key and secret key are correct
All actions denied
The key may have no permissions or be expired