Visualizing AWS IAM attack paths using IAMGraph
Install IAMGraph, collect the AWS IAM data and ingest it
The pentest user needs permission to call "get-account-authorization-details" (IAM action iam:GetAccountAuthorizationDetails).
podman pull docker.io/library/neo4j:latest
podman run -d -p 127.0.0.1:7474:7474 -p 127.0.0.1:7687:7687 -e NEO4J_AUTH=none -v $PWD/data:/data neo4j:latest
mkdir input; aws iam get-account-authorization-details > ./input/accountjson
iamgraph --db-uri bolt://localhost:7687 run --input-dir ./input/
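See the graph at (no login is needed, because NEO4J_AUTH=none disables authentication; the ports are published on 127.0.0.1 only):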
http://localhost:7474/browser/
Query:
MATCH (n)-[r]-() RETURN *
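
A quick check of the collected file alongside the graph, as an added example that is not part of the original notes or of IAMGraph: it reads the RoleDetailList section of the get-account-authorization-details output and lists which principals each role's trust policy allows, marking wildcard and other-account principals for review. The function names and the sample data are assumptions made for illustration.

```python
import json
import sys
from pathlib import Path

# Constructed sample in the shape printed by `aws iam get-account-authorization-details`
# (account IDs and names are made up; real output also has UserDetailList, Policies, ...).
SAMPLE = {"RoleDetailList": [
    {"Arn": "arn:aws:iam::111111111111:role/ci-deploy",
     "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow", "Principal": {"AWS": [
         "arn:aws:iam::111111111111:user/alice", "arn:aws:iam::222222222222:root"]}}]}},
    {"Arn": "arn:aws:iam::111111111111:role/lambda-exec",  # Statement as a bare object
     "AssumeRolePolicyDocument": {"Statement": {
         "Effect": "Allow", "Principal": {"Service": "lambda.amazonaws.com"}}}},
    {"Arn": "arn:aws:iam::111111111111:role/legacy",
     "AssumeRolePolicyDocument": {"Statement": [{"Effect": "Allow", "Principal": "*"}]}},
]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def account_of(principal):
    """Account ID of an AWS principal given as a 12-digit ID or an ARN, else None."""
    if principal.isdigit():
        return principal
    parts = principal.split(":")
    return parts[4] if len(parts) >= 6 else None

def trust_edges(details):
    """(type, principal, role_arn, external) per allowed principal; Conditions are not evaluated."""
    edges = []
    for role in details.get("RoleDetailList", []):
        home = account_of(role["Arn"])
        statements = role.get("AssumeRolePolicyDocument", {}).get("Statement", [])
        for stmt in as_list(statements):
            if stmt.get("Effect") != "Allow":
                continue
            principal = stmt.get("Principal", {})
            if principal == "*":  # bare wildcard, treated here like {"AWS": "*"}
                principal = {"AWS": "*"}
            for ptype, values in principal.items():
                for p in as_list(values):
                    external = ptype == "AWS" and (p == "*" or account_of(p) != home)
                    edges.append((ptype, p, role["Arn"], external))
    return edges

if __name__ == "__main__":
    data = json.loads(Path(sys.argv[1]).read_text()) if len(sys.argv) > 1 else SAMPLE
    for ptype, p, role_arn, external in trust_edges(data):
        print(f"{'REVIEW' if external else 'ok    '} {ptype}:{p} -> {role_arn}")
```

Run it with the path to the collected file as the only argument; without an argument it uses the constructed sample.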