s3scanner - Find S3 buckets and dump.

s3scanner – Find S3 buckets and dump.

s3scanner tool takes in a list of bucket names to check. Found S3 domains are output to file with their corresponding region in the format ‘domain:region’. The tool will also dump the contents of ‘open’ buckets locally.

s3scanner tool will attempt to get all available information about a bucket, but it’s up to you to interpret the results.
Settings available for buckets:
* Object Access (object in this case refers to files stored in the bucket)
+-+ List Objects
+-+ Write Objects
+ ACL Access
+-+ Read Permissions
+-+ Write Permissions


* Any or all of these permissions can be set for the 2 main user groups:
+ Authenticated Users
+ Public Users (those without AWS credentials set)
+ (They can also be applied to specific users, but that’s out of scope)

What this means: Just because a bucket returns “AccessDenied” for it’s ACLs doesn’t mean you can’t read/write to it. Conversely, you may be able to list ACLs but not read/write to the bucket

+ Python 2.7.x and Python 3.6.x

Use and Download:

Source: https://github.com/sa7mon