awesome-sec-s3
A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets
https://github.com/mxm0z/awesome-sec-s3
Last synced: 2 days ago
JSON representation
-
Bucket Enumeration Tools
- AWSBucketDump
- bucket-stream
- goGetBucket
- bucket_finder
- PyLazyS3
- inSp3ctor
- bucketkicker
- kicks3
- RoboBucketeer
- Grayhat Warfare
- bucket-scraper
- s3recon
- s3finder
- s3enum
- s3-buckets-finder
- s3-buckets-finder
- Sandcastle
- S3Scanner
- mubrute
- bucket_finder
- Bucket_Finder
- haka_toni_bucket_finder
- s3-open-bucket-finder
- s3scanner
- bucket-hunter
-
Awesome AWS S3 Security [](https://github.com/mxm0z/awesome-sec-s3)
- How to search for Open Amazon s3 Buckets and their contents
- There's a Hole in 1,951 Amazon S3 Buckets
- Exposed S3 bucket CloudTrail logs — Another way to compromise security
- Securing and Protecting Against Exposed S3 Buckets
- Effective S3 Bucket Management to Prevent and Mitigate Data Exposure
- The Bucket List: Experiences Operating S3 Honeypots
- bucket-scraper - Command-line application for scraping, indexing and downloading of Amazon S3 buckets
- s3-inspector - Tool to check AWS S3 bucket permissions
-
Articles
-
Wayback Machine Enumeration
- There's a Hole in 1,951 Amazon S3 Buckets - Rapid7 research
- List of AWS S3 Leaks - Comprehensive list of documented S3 data exposures
- Unsecured Public Information in S3 Buckets - Rapid7 misconfiguration guide
- Exposed S3 Bucket CloudTrail Logs - Security implications of exposed logs
- How to Search for Open Amazon S3 Buckets - GrayhatWarfare guide
- Amazon S3 Bucket Public Access Considerations - Official AWS guidance
- Analysing Amazon's Buckets - DigiNinja analysis
- Fantastic! Public S3 Buckets and How to Find Them - Auth0 blog
-
-
Videos
-
General Purpose Tools
-
Techniques
-
Wayback Machine Enumeration
-
Categories
](https://github.com/mxm0z/awesome-sec-s3) 9](#category-Awesome AWS S3 Security [](https://github.com/mxm0z/awesome-sec-s3)){kind=link}
Sub Categories
Keywords
s3
7
aws
5
bugbounty
5
s3-bucket
5
aws-s3
3
security-tools
2
recon
2
python
2
amazon-s3
2
scanner
2
finder
2
bucket
2
infosec
2
certificate-transparency
1
certstream
1
cyber
1
cyint
1
gcp
1
php
1
pentesting
1
cloud
1
reconnaissance
1
hacking
1
digitalocean
1
upload
1
stream
1
terminal
1
scraper
1
public
1
open
1
fuzzy
1
cli
1
amazon
1
crawler
1
python3
1
golang
1
storage
1
s3-bucket-finder
1
bucket-misconfiguration-testing
1
automation
1
penetration-testing
1
enumeration
1
s3scanner
1
azure
1