User Experience on mobile might not be great yet, but I'm working on it.

Your first time on this page? Allow me to give some explanations.

Awesome IAM

👤 Identity and Access Management Knowledge for Cloud Platforms

Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.

Last Update: Aug. 7, 2022, 6:13 p.m.

Thank you kdeldycke & contributors
View Topic on GitHub:
kdeldycke/awesome-iam

Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.

Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.

Overview

Security

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

2.12K
205
9m
Apache-2.0

📙 Amazon Web Services — a practical guide

30.78K
3.32K
7m
CC-BY-4.0

Account Management

Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, profile management, identity schemas, social sign in, registration, account recovery, and IoT auth. Golang, headless, API-only - without templating or theming headaches.

4.34K
417
9m
Apache-2.0

CyberArk Conjur automatically secures secrets used by privileged users and machine identities

496
91
9m
LGPL-3.0

Open source alternative to Auth0 / Firebase Auth / AWS Cognito

2.77K
103
9m
Apache-2.0

Modern PHP user login and management framework++.

1.54K
379
9m
n/a

Cryptography

Zero-trust Network

A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.

2.41K
230
9m
Apache-2.0

BeyondCorp-inspired HTTPS/SSO Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.

178
17
9m
n/a

Pomerium is an identity-aware access proxy.

2.94K
233
5m
Apache-2.0

Authentication

Password-based

Password-less

Security Key

Solo 1: open security key supporting FIDO2 & U2F over USB + NFC

1.96K
213
9m
n/a

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

2.09K
189
9m
Apache-2.0

Guide to using YubiKey for GPG and SSH

6.45K
765
9m
MIT

YubiKey at Datadog

416
19
9m
MIT

Multi-Factor

SMS-based

Public-Key Infrastructure (PKI)

Repository for the Lemur Certificate Manager

1.53K
292
9m
Apache-2.0

CFSSL: Cloudflare's PKI and TLS toolkit

6.52K
901
10m
BSD-2-Clause

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

1.39K
187
9m
BSD-3-Clause

JWT

OAuth2 & OpenID

A UI-first centralized authentication / Single-Sign-On (SSO) platform based on OAuth 2.0 / OIDC

721
85
9m
Apache-2.0

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core

8.52K
3.38K
6m
Apache-2.0

ZITADEL - The Open Source Auth0, Firebase Auth, AWS Cognito and Keycloak alternative written in Go and built for the serverless era

402
38
103d
Apache-2.0

A ready-to-launch User and Authentication system for those that don't want to build it

313
32
103d
Apache-2.0

SAML

Policy models

Open-source policy frameworks

Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.

2.84K
187
9m
Apache-2.0

A SDK for access control policies: authorization for the microservice and IoT age. Inspired by AWS IAM policies. Written for Go.

1.97K
189
1y 9m
Apache-2.0

Open source platform for X.509 certificate based service authentication and fine grained access control in dynamic infrastructures. Athenz supports provisioning and configuration (centralized authorization) use cases as well as serving/runtime (decentralized authorization) use cases.

650
223
9m
Apache-2.0

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang

10.57K
1.17K
9m
Apache-2.0

Policy and data administration, distribution, and real-time updates on top of Open Policy Agent

473
36
4m
Apache-2.0

High Performance Rate Limiting MicroService and Library

732
77
9m
Apache-2.0

Oso is a batteries-included framework for building authorization in your application.

2.13K
97
6m
Apache-2.0

The Cerbos engine

91
8
9m
Apache-2.0

AWS policy tools

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

1.26K
104
9m
BSD-3-Clause

IAM Least Privilege Policy Generator

1.57K
101
6m
MIT

A tool for quickly evaluating IAM permissions in AWS.

857
125
10m
AGPL-3.0

Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.

291
41
10m
Apache-2.0

AWS IAM policy statement generator with fluent interface

281
9
9m
Apache-2.0

A Central Control Plane for AWS Permissions and Access

2.61K
177
9m
Apache-2.0

Macaroons

Secret Management

Simple and flexible tool for managing secrets

8.52K
494
9m
MPL-2.0

Scan git repos (or files) for secrets using regex and entropy 🔑

8.56K
772
9m
MIT

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

6.09K
865
9m
GPL-2.0

ROCA: Infineon RSA key vulnerability

461
93
1y 9m
MIT

Hardware Security Module (HSM)

Trust & Safety

User Identity

Fraud

Anomaly Detection on Dynamic (time-evolving) Graphs in Real-time and Streaming manner. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies.

637
77
1y 12d
Apache-2.0

Gephi - The Open Graph Viz Platform

4.63K
1.48K
5m
n/a

Moderation

Threat Intelligence

A curated list of Awesome Threat Intelligence resources

4.66K
1.06K
9m
Apache-2.0

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

6.71K
1.33K
9m
n/a

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

34.45K
17.9K
9m
MIT

Tracking Threat Actor Emails in Phishing Kits. CC @PhishKitTracker on twitter if you find a #threatactoremail in #phishingkit , maintained by @neonprimetime

87
18
1y 7m
n/a

Information gathering & OSINT framework for phone numbers

5.71K
1.71K
9m
GPL-3.0

ϲοnfuѕаblе_һοmоɡlyphs

137
15
3y 11m
MIT

corpus of suspicious media files that can be leveraged by scammers =to bypass security or fool users.

Captcha

Blocklists

Hostnames and Subdomains

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

19.06K
1.69K
9m
MIT

This repository contains the data behind our Security, Privacy and Parental Control features.

383
109
9m
n/a

CIDR country-level IP data, straight from the Regional Internet Registries, updated hourly.

165
31
9m
n/a

An hourly updated list of subdomains gathered from certificate transparency logs

313
57
9m
n/a

Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage

1.73K
111
9m
n/a

IP to ISP lookup library (includes ASN)

6
3
4y 6m
n/a

XKeyscore matching rules for TOR and other anonymity preserving tools.

Emails

A list of temporary email providers

828
245
9m
MIT

Cross-language temporary (disposable/throwaway) email detection library. Covers 33600 fake email providers.

1.3K
182
9m
MIT

A ruby gem to check if the owner of a given email address or website is working for THE MAN (a.k.a verifies government domains).

141
91
9m
MIT

Identify email addresses or domains names that belong to colleges or universities. Help automate the process of approving or rejecting academic discounts.

1.02K
12.47K
9m
MIT

Reserved IDs

Profanity

List of Dirty, Naughty, Obscene, and Otherwise Bad Words

1.57K
522
10m
CC-BY-4.0

A fast, robust Python library to check for offensive language in strings.

409
64
1y 86d
MIT

Privacy

Anonymization

GDPR

UX/UI

Competitive Analysis

History