Giters

v0re / S3Scanner

Scan for open S3 buckets and dump

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

S3Scanner

License: CC BY-NC-SA 4.0 Build Status

A tool to find open S3 buckets and dump their contents đź’§

1 - s3finder.py

Using

#  s3scanner - Find S3 buckets and dump!
#
#  Author: Dan Salmon - @bltjetpack, github.com/sa7mon

positional arguments:
  buckets                Name of text file containing buckets to check

optional arguments:
  -h, --help              show this help message and exit
  -o, --out-file OUTFILE  Name of file to save the successfully checked buckets in (Default: buckets.txt)
  -c, --include-closed    Include found but closed buckets in the out-file
  -r , --default-region   AWS region to default to (Default: us-west-1)
  -d, --dump              Dump all found open buckets locally

The tool takes in a list of bucket names to check. Found S3 domains are output to file with their corresponding region in the format 'domain:region'. The tool will also dump the contents of 'open' buckets locally.

Examples

This tool accepts the following type of bucket formats to check:

  • bucket name - google-dev
  • domain name - uber.com, sub.domain.com
  • full s3 url - yahoo-staging.s3-us-west-2.amazonaws.com (To easily combine with other tools like bucket-stream)
  • bucket:region - flaws.cloud:us-west-2
> cat names.txt
flaws.cloud
google-dev
testing.microsoft.com
yelp-production.s3-us-west-1.amazonaws.com
github-dev:us-east-1

  1. Dump all open buckets, log both open and closed buckets to found.txt

    > python ./s3scanner.py --include-closed --out-file found.txt --dump names.txt

  2. Just log open buckets to the default output file (buckets.txt)

    > python ./s3scanner.py names.txt

Installation

  1. (Optional) virtualenv venv && source ./venv/bin/activate
  2. pip install -r requirements.txt
  3. python ./s3scanner.py

(Compatibility has been tested with Python 2.7 and 3.6)

Contributing

Issues are welcome and Pull Requests are appreciated. All contributions should be compatible with both Python 2.7 and 3.6.

master Build Status
enhancements Build Status
bugs Build Status

Testing

  • All test are currently in test_scanner.py
  • Run tests with in 2.7 and 3.6 virtual environments.
  • This project uses pytest-xdist to run tests. Use pytest -n NUM where num is number of parallel processes.

License

Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)

About

Scan for open S3 buckets and dump

Languages

Language:Python 100.0%