User Experience on mobile might not be great yet, but I'm working on it.

Your first time on this page? Allow me to give some explanations.

Awesome IAM

👤 Identity and Access Management Knowledge for Cloud Platforms

Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.

Last Update: Dec. 4, 2021, 11:18 a.m.

Thank you kdeldycke & contributors
View Topic on GitHub:
kdeldycke/awesome-iam

Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.

Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.

Overview

Security

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

2.12K
205
33d
Apache-2.0

📙 Amazon Web Services — a practical guide

30.43K
3.25K
5m
CC-BY-4.0

Account Management

Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, profile management, identity schemas, social sign in, registration, account recovery, and IoT auth. Golang, headless, API-only - without templating or theming headaches.

4.34K
417
31d
Apache-2.0

CyberArk Conjur automatically secures secrets used by privileged users and machine identities

496
91
31d
LGPL-3.0

Open source alternative to Auth0 / Firebase Auth / AWS Cognito

2.77K
103
39d
Apache-2.0

Modern PHP user login and management framework++.

1.54K
379
32d
n/a

Cryptography

Zero-trust Network

A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.

2.41K
230
36d
Apache-2.0

BeyondCorp-inspired HTTPS/SSO Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.

178
17
44d
n/a

Pomerium is an identity-aware access proxy.

2.82K
216
12d
Apache-2.0

Authentication

Password-based

Password-less

Security Key

Solo 1: open security key supporting FIDO2 & U2F over USB + NFC

1.96K
213
36d
n/a

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

2.09K
189
32d
Apache-2.0

Guide to using YubiKey for GPG and SSH

6.45K
765
40d
MIT

YubiKey at Datadog

416
19
36d
MIT

Multi-Factor

SMS-based

Public-Key Infrastructure (PKI)

Repository for the Lemur Certificate Manager

1.53K
292
31d
Apache-2.0

CFSSL: Cloudflare's PKI and TLS toolkit

6.52K
901
63d
BSD-2-Clause

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

1.39K
187
36d
BSD-3-Clause

JWT

OAuth2 & OpenID

SAML

Policy models

Open-source policy frameworks

Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.

2.84K
187
32d
Apache-2.0

A SDK for access control policies: authorization for the microservice and IoT age. Inspired by AWS IAM policies. Written for Go.

1.97K
189
1y 24d
Apache-2.0

Open source platform for X.509 certificate based service authentication and fine grained access control in dynamic infrastructures. Athenz supports provisioning and configuration (centralized authorization) use cases as well as serving/runtime (decentralized authorization) use cases.

650
223
32d
Apache-2.0

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang

10.57K
1.17K
32d
Apache-2.0

High Performance Rate Limiting MicroService and Library

732
77
32d
Apache-2.0

Oso is a batteries-included framework for building authorization in your application.

1.82K
77
2d
Apache-2.0

The Cerbos engine

91
8
30d
Apache-2.0

AWS policy tools

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

1.26K
104
50d
BSD-3-Clause

IAM Least Privilege Policy Generator

1.5K
97
3d
MIT

A tool for quickly evaluating IAM permissions in AWS.

857
125
54d
AGPL-3.0

Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.

291
41
66d
Apache-2.0

AWS IAM policy statement generator with fluent interface

281
9
30d
Apache-2.0

A Central Control Plane for AWS Permissions and Access

2.61K
177
31d
Apache-2.0

Macaroons

Secret Management

Simple and flexible tool for managing secrets

8.52K
494
38d
MPL-2.0

Scan git repos (or files) for secrets using regex and entropy 🔑

8.56K
772
30d
MIT

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

6.09K
865
31d
GPL-2.0

ROCA: Infineon RSA key vulnerability

461
93
1y 31d
MIT

Hardware Security Module (HSM)

Trust & Safety

User Identity

Fraud

Anomaly Detection on Dynamic (time-evolving) Graphs in Real-time and Streaming manner. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies.

637
77
4m
Apache-2.0

Gephi - The Open Graph Viz Platform

4.52K
1.46K
11d
n/a

Moderation

Threat Intelligence

A curated list of Awesome Threat Intelligence resources

4.66K
1.06K
33d
Apache-2.0

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

6.71K
1.33K
36d
n/a

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

34.45K
17.9K
43d
MIT

Tracking Threat Actor Emails in Phishing Kits. CC @PhishKitTracker on twitter if you find a #threatactoremail in #phishingkit , maintained by @neonprimetime

87
18
11m
n/a

Information gathering & OSINT framework for phone numbers

5.71K
1.71K
31d
GPL-3.0

ϲοnfuѕаblе_һοmоɡlyphs

137
15
3y 96d
MIT

corpus of suspicious media files that can be leveraged by scammers =to bypass security or fool users.

Captcha

Blocklists

Hostnames and Subdomains

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

19.06K
1.69K
34d
MIT

This repository contains the data behind our Security, Privacy and Parental Control features.

383
109
36d
n/a

CIDR country-level IP data, straight from the Regional Internet Registries, updated hourly.

165
31
30d
n/a

An hourly updated list of subdomains gathered from certificate transparency logs

313
57
52d
n/a

Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage

1.73K
111
30d
n/a

IP to ISP lookup library (includes ASN)

6
3
3y 10m
n/a

XKeyscore matching rules for TOR and other anonymity preserving tools.

Emails

A list of temporary email providers

828
245
32d
MIT

Cross-language temporary (disposable/throwaway) email detection library. Covers 33600 fake email providers.

1.3K
182
30d
MIT

A ruby gem to check if the owner of a given email address or website is working for THE MAN (a.k.a verifies government domains).

141
91
38d
MIT

Identify email addresses or domains names that belong to colleges or universities. Help automate the process of approving or rejecting academic discounts.

1.02K
12.47K
31d
MIT

Reserved IDs

Profanity

List of Dirty, Naughty, Obscene, and Otherwise Bad Words

1.57K
522
82d
CC-BY-4.0

A fast, robust Python library to check for offensive language in strings.

409
64
6m
MIT

Privacy

Anonymization

GDPR

UX/UI

Competitive Analysis

History