Audit your Identity Perimeter
IAM Hunter performs a deep forensic scan of your Identity and Access Management. It maps Privilege Escalation paths and detects Public Trust risks that compromise your sovereignty. No credentials ever leave your local environment.
Launch the Identity Audit container.
Replace the *** with your Read-Only AWS Credentials. Ensure they carry iam:List* and iam:Get* permissions.
Execute on your terminal and provide your email to Sync Results.
Identity Audit Command
docker run -it --rm \
  -e AWS_ACCESS_KEY_ID=*** \
  -e AWS_SECRET_ACCESS_KEY=*** \
  getghostarchitect/iam-hunter
SOC2 Mapping // Privilege Detection // MFA Verification
Security & FAQ
How are my credentials handled?
IAM Hunter operates under Hardened by Design principles. Your AWS keys are used exclusively locally within the Docker runtime to initiate the boto3 session. They are never transmitted, stored, or logged by Ghost Architect. The forensic manifest generated is fully encrypted via Fernet (cryptography) before any synchronization occurs.
What does the scan cover?
The engine performs a deep audit of your identity perimeter, focusing on MFA compliance, AdministratorAccess abuse, and Public Trust Exposure in Role Trust Policies. It maps how 'Wildcard' principals could allow unauthorized entities to assume control of your roles, identifying the exact Resource IDs involved.
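The wildcard-principal check described above can be sketched as follows. This is an added example, not IAM Hunter's own code; the sample policies, role names, account and organization IDs, function names and the "critical"/"review" severity labels are all constructed assumptions.

```python
# Constructed sample trust policies; role names, account ID and org ID are placeholders.
SAMPLE_ROLES = {
    "open-role": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole"}]},
    "org-scoped-role": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "sts:AssumeRole",
         "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}}]},
    "pinned-role": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["sts:AssumeRole"],
         "Principal": {"AWS": "arn:aws:iam::111122223333:root"}}]},
}

def as_list(value):
    """IAM allows a single string/object or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def is_wildcard(principal):
    """True for Principal "*" or {"AWS": "*"} (also inside a list of ARNs)."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in as_list(principal.get("AWS", []))

def grants_assume(actions):
    """True if any action can match an sts:AssumeRole* call."""
    return any(a in ("*", "sts:*") or a.lower().startswith("sts:assume")
               for a in as_list(actions))

def audit_trust_policy(role_name, policy):
    """Return one finding per Allow statement that trusts a wildcard principal."""
    findings = []
    for index, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or not is_wildcard(stmt.get("Principal")):
            continue
        if not grants_assume(stmt.get("Action", [])):
            continue
        # Assumed severity labels: a Condition narrows the trust, so it needs
        # human review; no Condition leaves the role open to any AWS account.
        severity = "review" if stmt.get("Condition") else "critical"
        findings.append({"role": role_name, "statement": index, "severity": severity})
    return findings

def audit_roles(roles):
    """Audit a {role_name: trust_policy} mapping and flatten the findings."""
    return [f for name, doc in roles.items() for f in audit_trust_policy(name, doc)]

if __name__ == "__main__":
    for finding in audit_roles(SAMPLE_ROLES):
        print(finding)
```

Against a live account, the same function can be fed the AssumeRolePolicyDocument that boto3's iam.list_roles() returns for each role.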
How is the "Global Risk Exposure" calculated?
Our logic assigns a financial weight to every vulnerability based on SOC2/ISO27001 non-compliance costs and the market value of a compromised privileged identity. If your exposure exceeds $10,000 USD, the system triggers a 'Critical' alert, providing the exact data needed to justify immediate remediation.
What happens after payment?
You will receive the IAM Forensic Roadmap via PDF. This document translates the encrypted .stnx file into a clear briefing, listing the exact Usernames and Roles that allow for an Account Takeover. You get the intelligence to see the invisible privilege escalation paths; your team then handles the revocation.