06.03.2018       Выпуск 220 (05.03.2018 - 11.03.2018)       Интересные проекты, инструменты, библиотеки

S3Scanner - сканер открытых S3 bucket

Читать>>



Экспериментальная функция:

Ниже вы видите текст статьи по ссылке. По нему можно быстро понять ссылка достойна прочтения или нет

Просим обратить внимание, что текст по ссылке и здесь может не совпадать.

README.md

S3Scanner

License: CC BY-NC-SA 4.0 Build Status

A tool to find open S3 buckets and dump their contents💧

1 - s3finder.py

Using

#  s3scanner - Find S3 buckets and dump!
#
#  Author: Dan Salmon - @bltjetpack, github.com/sa7mon

positional arguments:
  buckets                Name of text file containing buckets to check

optional arguments:
  -h, --help              show this help message and exit
  -o, --out-file OUTFILE  Name of file to save the successfully checked buckets in (Default: buckets.txt)
  -c, --include-closed    Include found but closed buckets in the out-file
  -r , --default-region   AWS region to default to (Default: us-west-1)
  -d, --dump              Dump all found open buckets locally

The tool takes in a list of bucket names to check. Found S3 domains are output to file with their corresponding region in the format 'domain:region'. The tool will also dump the contents of 'open' buckets locally.

Examples

This tool accepts the following type of bucket formats to check:

  • bucket name - google-dev
  • domain name - uber.com, sub.domain.com
  • full s3 url - yahoo-staging.s3-us-west-2.amazonaws.com (To easily combine with other tools like bucket-stream)
  • bucket:region - flaws.cloud:us-west-2
> cat names.txt
flaws.cloud
google-dev
testing.microsoft.com
yelp-production.s3-us-west-1.amazonaws.com
github-dev:us-east-1
  1. Dump all open buckets, log both open and closed buckets to found.txt

    > python ./s3scanner.py --include-closed --out-file found.txt --dump names.txt
  2. Just log open buckets to the default output file (buckets.txt)

Installation

  1. (Optional) virtualenv venv && source ./venv/bin/activate
  2. pip install -r requirements.txt
  3. python ./s3scanner.py

(Compatibility has been tested with Python 2.7 and 3.6)

Contributing

Issues are welcome and Pull Requests are appreciated. All contributions should be compatible with both Python 2.7 and 3.6.

Testing

  • All test are currently in test_scanner.py
  • Run tests with in 2.7 and 3.6 virtual environments.
  • This project uses pytest-xdist to run tests. Use pytest -n NUM where num is number of parallel processes.

License

Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)



Лучшая Python рассылка



Разместим вашу рекламу

Пиши: mail@pythondigest.ru

Нашли опечатку?

Выделите фрагмент и отправьте нажатием Ctrl+Enter.

Система Orphus