Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/password123456/s3-audit

simple dictionary based read, write, delete permission audit tool for aws s3 written in python.
https://github.com/password123456/s3-audit

aws aws-s3 s3-audit s3-bucket s3-bucket-finder s3-bucket-leak

Last synced: 24 days ago
JSON representation

simple dictionary based read, write, delete permission audit tool for aws s3 written in python.

Host: GitHub
URL: https://github.com/password123456/s3-audit
Owner: password123456
Created: 2022-04-12T10:49:44.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2022-04-12T11:14:28.000Z (almost 3 years ago)
Last Synced: 2024-12-30T11:43:42.663Z (26 days ago)
Topics: aws, aws-s3, s3-audit, s3-bucket, s3-bucket-finder, s3-bucket-leak
Language: Python
Homepage:
Size: 5.86 KB
Stars: 1
Watchers: 3
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        # s3_audit

![made-with-python][made-with-python]

![Python Versions][pyversion-button]

[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Fpassword123456%2Fhit-counter&count_bg=%2379C83D&title_bg=%23555555&icon=&icon_color=%23E7E7E7&title=hits&edge_flat=false)](https://hits.seeyoufarm.com)

[pyversion-button]: https://img.shields.io/pypi/pyversions/Markdown.svg

[made-with-python]: https://img.shields.io/badge/Made%20with-Python-1f425f.svg

- Simple dictionary based read, write, delete permission audit tool for aws s3 bucket written in python.

- Need to aws-cli [(Here get it.)](https://docs.aws.amazon.com/ko_kr/cli/latest/userguide/getting-started-install.html)

- The scan result only show 'true/ false /not given'

- if you see the true flag in the result, have to further scanning or do others ways to find out vulnerability.

- Get the ACL of the S3 bucket using aws credential(access_key method) and fix the vulnerable permission.

# Documentation

```python

# pip install requests

# python main.py

```

# Output

```python

##### Scan Completed ####

1,2022-04-12 19:39:52 yours3domain.s3.ap-northeast-1.amazonaws.com [ListObject: False, PutObject: False, DeleteObject: False]

2,2022-04-12 19:39:56 yours3domain.s3.amazonaws.com [ListObject: False, PutObject: False, DeleteObject: False]

##### This is not S3(?). Make sure domain is correct. ####

1,2022-04-12 19:39:56 nots3domain.com [ListObject: Not_Given, PutObject: Not_Given, DeleteObject: Not_Given]

2,2022-04-12 19:39:56 nots3domain.com [ListObject: Not_Given, PutObject: Not_Given, DeleteObject: Not_Given]

3,2022-04-12 19:39:56 nots3domain.com [ListObject: Not_Given, PutObject: Not_Given, DeleteObject: Not_Given]

4,2022-04-12 19:39:56 nots3domain.com [ListObject: Not_Given, PutObject: Not_Given, DeleteObject: Not_Given]

```