A tool to visualize the permissions granted to Oracle database users, helping system admin and security auditor identify accounts that may have too broad permissions.
- Obtain the database tables
Obtain the tables below, the list is in file tables.txt too, from the database and save them in ./site/tables/ as CSV files with the following naming convention TABLE_NAME.csv.
DBA_ROLES
DBA_USERS
DBA_COL_PRIVS
DBA_SYS_PRIVS
DBA_TAB_PRIVS
DBA_ROLE_PRIVS
ROLE_SYS_PRIVS
ROLE_TAB_PRIVS
A utility script, named pulltables.sh is included in this repo. It will load credentials and targets from a file named .env and use usql to download the database tables. The .env file must export this variables:
USR=username
PAS=password
HST=hostaname or ip address
PRT=port
SID=database sid
- Start the web server
Serve the files in ./site directory to access the web page, simply opening ./site/index.html in the browser will not work unless you modify the code.
A sample web server written in go can be started with:
go run main.goAs an alternative you can start a simple python server:
python -m http.server 9090 --directory ./site- Improve UI