Awesome

Awesome AWS S3 Security

Collection of tools, techniques and useful links concerning security and exposed AWS S3 Buckets

Tools

• Grayhat Warfare - A free tool that lists open s3 buckets and helps you search for interesting files
• AWSBucketDump - AWSBucketDump is a tool to quickly enumerate AWS S3 buckets to look for loot
• S3Scanner - Scan for open AWS S3 buckets and dump the contents - By sa7mon
• s3enum - Fast Amazon S3 bucket enumeration tool for pentesters
• s3-buckets-finder - PHP tool to brute force Amazon S3 bucket - By gwen001
• s3-buckets-finder - PHP tool to brute force Amazon S3 bucket - By gold1029
• Sandcastle - a Python script for AWS S3 bucket enumeration, formerly known as bucketCrawler
• mubrute - The tool uses the response code returned by s3.amazonaws.com to determine if a bucket exists and its list permissions
• PyLazyS3 - Enumerate AWS S3 buckets using different permutations
• RoboBucketeer - Robot Framework Library for Buckteer - S3 Buckets & Subdomain Enumeration
• inSp3ctor - AWS S3 Bucket/Object Finder
• bucketkicker - A tool to quickly enumerate AWS S3 buckets verify whether or not they exist and to look for loot
• s3recon - Amazon S3 bucket finder and crawler
• s3finder - Can search using a wordlist or by monitoring the certstream network for domain names from certificate transparency logs
• kicks3 - S3 bucket finder from html,js and bucket misconfiguration testing tool
• bucket_finder - DigiNinja's bucket_finder utility - By mattweidner
• Bucket_Finder - Leaky Buckets - By hazana
• haka_toni_bucket_finder - Yet another S3 Bucket finder (No official description provided)
• s3-open-bucket-finder - Yet another S3 Bucket finder (No official description provided)
• s3scanner - Scan for open public S3 buckets - By miguelmota
• bucket-scraper - Command-line application for scraping, indexing and downloading of Amazon S3 buckets
• bucket-hunter - Amazon AWS Exposed Bucket Hunter - Security research
• bucket-stream - Find interesting Amazon S3 Buckets by watching certificate transparency logs
• goGetBucket - A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain
• bucket_finder - Trawl Amazon S3 buckets for interesting files

General Purpose Tools

• CloudScraper - CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space
• CloudStorageFinder - A collection of tools to find data that has been made public in cloud storage systems such as S3 Buckets and Digital Ocean Spaces
• exif-scraper - Grab photos from an S3 bucket and store their EXIF data in a database
• mlb-dfs-scrapers - Web scraping library for dumping MLB stats in S3 bucket csv files

Techniques

• enum_wayback - Metasploit module that pulls and parses the URLs stored by Archive.org for the purpose of replaying during a web assessment. Finding unlinked and old pages.

Articles

• List of AWS S3 Leaks
• How to search for Open Amazon s3 Buckets and their contents
• There's a Hole in 1,951 Amazon S3 Buckets
• Amazon S3 Bucket Public Access Considerations
• Analysing Amazon's Buckets
• Unsecured Public Information in Amazon S3 Buckets - Are Your Buckets Leaking Data?
• Exposed S3 bucket CloudTrail logs — Another way to compromise security
• Fantastic! Public S3 Buckets and How to Find Them

Videos

• How do I find out which S3 buckets allow access from the Internet?
• Securing and Protecting Against Exposed S3 Buckets
• Effective S3 Bucket Management to Prevent and Mitigate Data Exposure
• The Bucket List: Experiences Operating S3 Honeypots