PMapper is definitely a great tool. It’s best used in Pentests for validating some privilege escalation paths. It has the benefit of analyzing IAM trust policies, resource based policies, viewing escalation paths in a graph based approach. Very underrated indeed.
Cloudsplaining is faster at creating a more comprehensive report. We realize that there is lots of damage that can be done just by being able to modify Infrastructure, even when your privileges fall short of legit privilege escalation.
Cloudsplaining is faster at creating a more comprehensive report. We realize that there is lots of damage that can be done just by being able to modify Infrastructure, even when your privileges fall short of legit privilege escalation.
I think the example report will illustrate this best for you. Check it out here: https://opensource.salesforce.com/cloudsplaining/