S3BucketLeaks - External audit of Amazon S3 Bucket configuration to prevent data breach (offensive side).

S3BucketLeaks – External audit of Amazon S3 Bucket configuration to prevent data breach (offensive side).

S3BucketLeaks is a tool written in bash which allows to carry out some AWS API request to inform about the configuration of a specific bucket and to exploits the potential misconfigurations.

The main interest of this tool is to try to upload and remove a file in the target bucket to know if the write (up and/or remove) perm is allowed to everyone even if the listing one isn’t. However, some other features which already exist in many tools are centralized in this one for convenience.

S3BucketsLeaks

See AWScli S3 doc(https://docs.aws.amazon.com/cli/latest/reference/s3/index.html#cli-aws-s3) and AWScli S3API doc(https://docs.aws.amazon.com/cli/latest/reference/s3api/index.html#cli-aws-s3api) for more specific cmd.

Improvements
+ Remove test: allow to quit ;
+ Check if it is possible to write ACL on bucket and objetcts (put-bucket-acl & put-object-acl);
+ Allow to select keylist to read only intersting files.

Dependencies:
+ Python2 and awscli python2 library.

Use and Download:

Source: https://github.com/zweisamkeit