{"id":13454426,"url":"https://github.com/eth0izzle/bucket-stream","last_synced_at":"2025-04-08T00:39:00.367Z","repository":{"id":43061351,"uuid":"112541651","full_name":"eth0izzle/bucket-stream","owner":"eth0izzle","description":"Find interesting Amazon S3 Buckets by watching certificate transparency logs.","archived":false,"fork":false,"pushed_at":"2022-12-07T23:45:14.000Z","size":43,"stargazers_count":1750,"open_issues_count":8,"forks_count":209,"subscribers_count":68,"default_branch":"master","last_synced_at":"2024-10-29T17:54:25.242Z","etag":null,"topics":["amazon-s3","certificate-transparency","certstream","cyber","cyint"],"latest_commit_sha":null,"homepage":"https://www.darkport.co.uk","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eth0izzle.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-11-29T23:58:20.000Z","updated_at":"2024-10-29T08:35:04.000Z","dependencies_parsed_at":"2022-08-12T10:11:36.323Z","dependency_job_id":null,"html_url":"https://github.com/eth0izzle/bucket-stream","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth0izzle%2Fbucket-stream","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth0izzle%2Fbucket-stream/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth0izzle%2Fbucket-stream/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eth0izzle%2Fbucket-stream/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eth0izzle","download_url":"ht
tps://codeload.github.com/eth0izzle/bucket-stream/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247334018,"owners_count":20922129,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["amazon-s3","certificate-transparency","certstream","cyber","cyint"],"created_at":"2024-07-31T08:00:53.975Z","updated_at":"2025-04-08T00:39:00.348Z","avatar_url":"https://github.com/eth0izzle.png","language":"Python","funding_links":[],"categories":["Content Discovery","\u003ca id=\"c71ad1932bbf9c908af83917fe1fd5da\"\u003e\u003c/a\u003eAWS","\u003ca id=\"7e840ca27f1ff222fd25bc61a79b07ba\"\u003e\u003c/a\u003e特定目标","Python","Bucket Enumeration Tools"],"sub_categories":["AWS S3 Bucket","\u003ca id=\"0476f6b97e87176da0a0d7328f8747e7\"\u003e\u003c/a\u003eblog","\u003ca id=\"c71ad1932bbf9c908af83917fe1fd5da\"\u003e\u003c/a\u003eAWS"],"readme":"# 🚨 Bucket Stream is no longer maintained. If you need support or consultation for your red teaming endeavours, drop me an e-mail paul@darkport.co.uk 🚨\n\n# Bucket Stream\n\n**Find interesting Amazon S3 Buckets by watching certificate transparency logs.**\n\nThis tool simply listens to various certificate transparency logs (via certstream) and attempts to find public S3 buckets from permutations of the certificate's domain name.\n\n![Demo](https://i.imgur.com/ZFkIYhD.jpg)\n\n**Be responsible**. I mainly created this tool to highlight the risks associated with public S3 buckets and to put a different spin on the usual dictionary-based attacks. 
Some quick tips if you use S3 buckets:\n\n1) Randomise your bucket names! There is no need to use `company-backup.s3.amazonaws.com`.\n2) Set appropriate permissions and audit regularly. If possible, create two buckets - one for your public assets and another for private data.\n3) Be mindful about **your data**. What are suppliers, contractors and third parties doing with it? Where and how is it stored? These basic questions should be addressed in every info sec policy.\n4) Try [Amazon Macie](https://aws.amazon.com/macie/) - it can automatically classify and secure sensitive data.\n\nThanks to my good friend David (@riskobscurity) for the idea.\n\n## Installation\n\nPython 3.4+ and pip3 are required. Then just:\n\n1. `git clone https://github.com/eth0izzle/bucket-stream.git`\n2. *(optional)* Create a virtualenv with `pip3 install virtualenv \u0026\u0026 virtualenv .virtualenv \u0026\u0026 source .virtualenv/bin/activate`\n3. `pip3 install -r requirements.txt`\n4. `python3 bucket-stream.py`\n\n## Usage\n\nSimply run `python3 bucket-stream.py`.\n\nIf you provide AWS access and secret keys in `config.yaml`, Bucket Stream will attempt to access authenticated buckets and identify the bucket's owner. **Unauthenticated users are severely rate limited.**\n\n    usage: python bucket-stream.py\n\n    Find interesting Amazon S3 Buckets by watching certificate transparency logs.\n\n    optional arguments:\n      -h, --help            Show this help message and exit\n      --only-interesting    Only log 'interesting' buckets whose contents match\n                            anything within keywords.txt (default: False)\n      --skip-lets-encrypt   Skip certs (and thus listed domains) issued by Let's\n                            Encrypt CA (default: False)\n      -t , --threads        Number of threads to spawn. 
More threads = more power.\n                            Limited to 5 threads if unauthenticated.\n                            (default: 20)\n      --ignore-rate-limiting\n                            If you ignore rate limits not all buckets will be\n                            checked (default: False)\n      -l, --log             Log found buckets to a file buckets.log (default:\n                            False)\n      -s, --source          Data source to check for bucket permutations. Uses\n                            certificate transparency logs if not specified.\n                            (default: None)\n      -p, --permutations    Path of file containing a list of permutations to try\n                            (see permutations/ dir). (default: permutations\\default.txt)\n\n## F.A.Qs\n\n- **Nothing appears to be happening**\n\n   Patience! Sometimes certificate transparency logs can be quiet for a few minutes. Ideally provide AWS secrets in `config.yaml` as this greatly speeds up the checking rate.\n\n- **I found something highly confidential**\n\n   **Report it** - please! You can usually figure out the owner from the bucket name or by doing some quick reconnaissance. Failing that contact Amazon's support teams.\n\n## Contributing\n\n1. Fork it, baby!\n2. Create your feature branch: `git checkout -b my-new-feature`\n3. Commit your changes: `git commit -am 'Add some feature'`\n4. Push to the branch: `git push origin my-new-feature`\n5. Submit a pull request.\n\n## License\n\nMIT. See LICENSE\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feth0izzle%2Fbucket-stream","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feth0izzle%2Fbucket-stream","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feth0izzle%2Fbucket-stream/lists"}