aws-s3-data-finder
Find suspicious files (e.g. data backups, PII, credentials) across a large set of AWS S3 buckets, and write the first 200k keys (by default) of listable buckets to a .json or .xml file (in buckets/), either via the AWS CLI or unauthenticated via HTTP requests.
Name: aws-s3-data-finder
Category: Discovery
Publisher: trickest
Created: 9/7/2021
Container: quay.io/trickest/aws-s3-data-finder:244701a
Output Type:
License: Unknown
Parameters
-v: Print verbose (critical and errors)
--endpoint: Endpoint to use if doing an unauth scan. Auth scan will use region in awscli
-nk: Number of keys to get per bucket
--test: Test mode to just print the bucket names being run
--characters: Characters to run via random/bruteforce, e.g. abcdefg..
-n: Name to run
-sa: For all_chars, start after this string
-nl: List of names to run
-vv: Print very verbose (critical, errors, and warnings)
-ac: Run all chars
-pp: Run with prefixes and/or postfixes - options: prefix, postfix, both
--unauthenticated: Run the search unauthenticated, via web request
--no_follow_redirect: Don't follow redirects
--rerun: Rerun previously searched buckets
-rc: Run random chars
-nc: Length of bucket name
-p: Print bucket names as you go
--realert: Realert previously alerted suspicious files