User Experience on mobile might not be great yet, but I'm working on it.

Your first time on this page? Allow me to give some explanations.

Awesome IAM

👤 Identity and Access Management Knowledge for Cloud Platforms

Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.

Last Update: None

Thank you kdeldycke & contributors
View Topic on GitHub:
kdeldycke/awesome-iam

Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.

Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.

Overview

Security

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

2.04K
194
26d
Apache-2.0

📙 Amazon Web Services — a practical guide

28.87K
2.94K
9m
CC-BY-4.0

Account Management

Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, profile management, identity schemas, social sign in, registration, account recovery, and IoT auth. Golang, headless, API-only - without templating or theming headaches.

4.07K
369
26d
Apache-2.0

CyberArk Conjur automatically secures secrets used by privileged users and machine identities

482
91
26d
LGPL-3.0

Cryptography

Zero-trust Network

A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.

2.36K
219
26d
Apache-2.0

BeyondCorp-inspired Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.

173
16
7m
n/a

Pomerium is an identity-aware access proxy.

2.35K
154
8m
Apache-2.0

Authentication

Password-based

Password-less

Security Key

Solo 1: open security key supporting FIDO2 & U2F over USB + NFC

1.91K
212
51d
n/a

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

2.07K
183
26d
Apache-2.0

Guide to using YubiKey for GPG and SSH

6.29K
745
47d
MIT

YubiKey at Datadog

411
18
52d
MIT

Multi-Factor

SMS-based

Public-Key Infrastructure (PKI)

Repository for the Lemur Certificate Manager

1.52K
292
27d
Apache-2.0

CFSSL: Cloudflare's PKI and TLS toolkit

6.4K
886
39d
BSD-2-Clause

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

1.36K
181
5m
BSD-3-Clause

JWT

OAuth2 & OpenID

A UI-first centralized authentication / Single-Sign-On (SSO) platform based on OAuth 2.0 / OIDC

390
63
26d
Apache-2.0

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core

7.69K
2.82K
9m
Apache-2.0

ZITADEL - Identity Experience Platform

220
22
26d
Apache-2.0

Integrated SSO and IDM for browser apps and RESTful web services.

SAML

Policy models

Open-source policy frameworks

Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.

2.67K
169
26d
Apache-2.0

A SDK for access control policies: authorization for the microservice and IoT age. Inspired by AWS IAM policies. Written for Go.

1.95K
184
11m
Apache-2.0

Open source platform for X.509 certificate based service authentication and fine grained access control in dynamic infrastructures. Athenz supports provisioning and configuration (centralized authorization) use cases as well as serving/runtime (decentralized authorization) use cases.

639
223
26d
Apache-2.0

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang

10.36K
1.15K
26d
Apache-2.0

High Performance Rate Limiting MicroService and Library

713
75
45d
Apache-2.0

oso is an open source policy engine for authorization that’s embedded in your application

238
6
1y 25d
Apache-2.0

The Cerbos engine

65
7
26d
Apache-2.0

AWS policy tools

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

1.23K
98
30d
BSD-3-Clause

IAM Least Privilege Policy Generator

1.09K
57
1y 53d
MIT

A tool for quickly evaluating IAM permissions in AWS.

819
120
45d
AGPL-3.0

Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.

287
41
40d
Apache-2.0

AWS IAM policy statement generator with fluent interface

131
7
9m
Apache-2.0

A Central Control Plane for AWS Permissions and Access

2.57K
165
29d
Apache-2.0

Macaroons

Secret Management

Simple and flexible tool for managing secrets

6.86K
402
1y 40d
MPL-2.0

Scan git repos (or files) for secrets using regex and entropy 🔑

7.19K
624
8m
MIT

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

6K
843
38d
GPL-2.0

ROCA: Infineon RSA key vulnerability

458
93
11m
MIT

Hardware Security Module (HSM)

Trust & Safety

User Identity

Wordlists for creating statistically likely username lists for use in password attacks and security testing

426
71
3y 4m
n/a

🔎 Hunt down social media accounts by username across social networks

27.13K
2.9K
27d
MIT

Fraud

Anomaly Detection on Dynamic (time-evolving) Graphs in Real-time and Streaming manner. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies.

634
77
89d
Apache-2.0

Gephi - The Open Graph Viz Platform

4.21K
1.43K
1y 26d
n/a

Moderation

Threat Intelligence

A curated list of Awesome Threat Intelligence resources

4.09K
938
10m
Apache-2.0

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

6.59K
1.29K
26d
n/a

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

33.75K
17.57K
27d
MIT

Tracking Threat Actor Emails in Phishing Kits. CC @PhishKitTracker on twitter if you find a #threatactoremail in #phishingkit , maintained by @neonprimetime

87
17
9m
n/a

Information gathering & OSINT framework for phone numbers

5.49K
1.65K
27d
GPL-3.0

ϲοnfuѕаblе_һοmоɡlyphs

137
15
3y 55d
MIT

corpus of suspicious media files that can be leveraged by scammers =to bypass security or fool users.

Captcha

Blocklists

Hostnames and Subdomains

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

16K
1.46K
1y 57d
MIT

This repository contains the data behind our Security, Privacy and Parental Control features.

366
105
31d
n/a

CIDR country-level IP data, straight from the Regional Internet Registries, updated hourly.

148
31
26d
n/a

An hourly updated list of subdomains gathered from certificate transparency logs

312
56
26d
n/a

Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage

1.29K
88
1y 54d
Unknown

IP to ISP lookup library (includes ASN)

6
3
3y 8m
n/a

XKeyscore matching rules for TOR and other anonymity preserving tools.

Emails

A list of temporary email providers

816
236
30d
MIT

Cross-language temporary (disposable/throwaway) email detection library. Covers 33600 fake email providers.

1.24K
162
9m
MIT

A ruby gem to check if the owner of a given email address or website is working for THE MAN (a.k.a verifies government domains).

141
91
45d
MIT

Identify email addresses or domains names that belong to colleges or universities. Help automate the process of approving or rejecting academic discounts.

1.02K
12.25K
26d
MIT

Reserved IDs

Profanity

List of Dirty, Naughty, Obscene, and Otherwise Bad Words

1.53K
513
41d
CC-BY-4.0

A fast, robust Python library to check for offensive language in strings.

401
65
5m
MIT

Privacy

Anonymization

GDPR

UX/UI

Competitive Analysis

History