aws-s3-data-finder
aws-s3-data-finder
Find suspicious files (e.g. data backups, PII, credentials) across a large set of AWS S3 buckets and write the first 200k keys (by default) of listable buckets to a .json or .xml file (in buckets/) via AWS CLI or unauthenticated via HTTP requests.
Details
Category: Discovery
Publisher: trickest
Created Date: 9/7/2021
Container: quay.io/trickest/aws-s3-data-finder:244701a
Source URL: https://github.com/Ucnt/aws-s3-data-finder
Parameters
Command:
-v - Print verbose (Critical and errors)Command:
--endpoint - Endpoint to use if doing an unauth scan. Auth scan will use region in awscliCommand:
-nk - Number of keys to get per bucketCommand:
--test - Test mode to just print the bucket names being runCommand:
--characters - Characters to run via random/bruteforce, e.g. abcdefg..Command:
-n - Name to runCommand:
-sa - For all_chars, start after this stringCommand:
-nl - List of names to runCommand:
-vv - Print very verbose (critical, errors, and warnings)Command:
-ac - Run all charsCommand:
-pp - Run with prefixes and/or postfixes - options: prefix, postfix, bothCommand:
--unauthenticated - Run the search unauthenticated, via web requestCommand:
--no_follow_redirect - Don't follow redirectsCommand:
--rerun - Rerun previously searched bucketsCommand:
-rc - Run random charsCommand:
-nc - Length of bucket nameCommand:
-p - Print buket names as you goCommand:
--realert - Realert previously alerted suspicious files