Salesforce Endgame Tool

Filed under aws on February 20, 2021

So something interesting I spotted this week was a tool called Endgame.

Originally announced by Salesforce, the tool was pulled by the time I found it, though by that point it was trivial to dig up a fork. The purpose of the tool is to be able to see whether an IAM principal can smash open an account’s resources, and to be honest it’ll be very useful to me in the future while testing attack surfaces.

As far as I can tell, all it really does is enumerate resources and try to make them available to the world by modifying the resource access policies, but in all honesty I think that's all you really need to open someone's eyes on security issues.