Traditional IAM Fuzzing Capability

Refers: Permissions Simulation Capability by iam:SimulatePrincipalPolicy for more information.

Permissions Simulation Capability by iam:SimulatePrincipalPolicy

If SkyEye detects that the user principal does not have sufficient permission to perform iam:SimulatePrincipalPolicy, SkyEye will switch directly to initialize the fuzzing capability. The fuzzing capability will be performed by actively invoking the AWS API of nearly 8000 AWS read-only actions to understand which actions the user principal can perform. Only AWS read-only actions will be undertaken in the fuzzing capability, due to the fact that almost all the read-only actions will not require the essential parameters and values to be provided before the execution.

Fuzzing capability is integrated into Fuzzing feature in Single-Principal IAM Enumeration mode only.

PreviousPermissions Simulation Capability by iam:SimulatePrincipalPolicy NextDeep Comparison Model for Policy Documents of Active Version and Historical Versions

Last updated 7 months ago