A tool to find open S3 buckets and dump their contents
The tool takes in a list of bucket names to check. Found S3 buckets are output to file. The tool will also dump or list the contents of ‘open’ buckets locally.
Features
⚡️ Multi-threaded scanning
🔭 Supports tons of S3-compatible APIs
🕵️♀️ Scans all bucket permissions to find misconfigurations
💾 Dump bucket contents to a local folder
🐳 Docker support
Changelog v2.0.2
Fixes #122 – CVE-2021-32061: Path Traversal via dump of malicious bucket
[hide][Hidden Content]]