cliam
« Back to VersTracker
Description:
Cloud agnostic IAM permissions enumerator
Type: Formula  |  Latest Version: 2.2.0@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  @securisec  |  formulae.brew.sh
Category: Security
Tags: security iam cloud pentesting reconnaissance devsecops
Install: brew install cliam
About:
cliam is a command-line tool that automatically discovers and enumerates IAM permissions across cloud providers without requiring manual policy analysis. It identifies misconfigurations and overly permissive roles by querying cloud APIs directly, providing immediate visibility into attack surfaces. The tool supports multiple providers including AWS, Azure, and GCP, making it a unified solution for cross-cloud security assessments.
Key Features:
  • Multi-cloud support for AWS, Azure, and GCP
  • Automatic permission enumeration without manual policy review
  • Identifies privilege escalation paths and misconfigurations
  • CLI-based with JSON output for integration into workflows
  • No external dependencies or complex setup required
Use Cases:
  • Red team reconnaissance to identify potential privilege escalation vectors
  • Blue team auditing to find and remediate overly permissive IAM policies
  • DevSecOps pipeline integration for continuous IAM compliance checks
  • Incident response triage to assess compromised credential scope
Alternatives:
  • Pacu – AWS-focused framework with broader attack simulation vs cliam's lightweight, multi-cloud enumeration focus
  • ScoutSuite – Comprehensive cloud security auditing with detailed reporting vs cliam's faster, CLI-driven permission discovery
  • CloudMapper – AWS visualization and analysis tool vs cliam's direct permission enumeration approach
Version History
Detected Version Rev Change Commit
Oct 10, 2025 3:07am 0 VERSION_BUMP 64f330b1
Sep 12, 2025 8:55pm 0 VERSION_BUMP 6e4e253b