Identity & Access Tools
Identity and access management tools help secure authentication, authorization, and user lifecycle management across applications and infrastructure. These tools support modern protocols like OAuth2, OIDC, SAML, and Kerberos, enabling secure identity workflows.
Keycloak
Keycloak is an open-source identity and access management platform supporting SSO, OAuth2, OpenID Connect, and user federation. It provides authentication flows, MFA, role-based access control, and identity brokering.
Why it’s useful: Helps learners understand modern authentication protocols and how identity providers secure applications at scale.
Difficulty: Intermediate
Auth0 (Free Tier)
Auth0 is a cloud-based identity-as-a-service platform offering authentication, authorization, MFA, and user management. It integrates easily with modern applications and APIs.
Why it’s useful: Shows how cloud IAM platforms implement secure authentication and how identity is centralized across applications.
Difficulty: Beginner
Open Policy Agent (OPA)
OPA is a policy engine that decouples authorization logic from applications. It uses the Rego language to define fine-grained access control policies across microservices and cloud systems.
Why it’s useful: Teaches how modern systems enforce authorization consistently and securely across distributed environments.
Difficulty: Advanced
LDAP Account Manager
LDAP Account Manager provides a web interface for managing LDAP users, groups, and permissions. It simplifies working with directory services and enterprise identity structures.
Why it’s useful: Helps learners understand directory-based identity systems and how enterprise IAM is structured.
Difficulty: Intermediate
Kerbrute
Kerbrute is a tool for enumerating and validating Active Directory accounts via Kerberos. It is commonly used in red team assessments and identity-focused security testing.
Why it’s useful: Shows how attackers abuse authentication protocols and how defenders detect enumeration attempts.
Difficulty: Intermediate