What is S3Scanner
A tool to find open S3 buckets and dump their contents!
Commands
Main
s3scanner scan --bucket my-bucket(Bucket Name)
s3scanner dump --bucket my-bucket(Bucket Name) --dump-dir ~/Desktop/...(pc location)/
Other Commands
usage: s3scanner [-h] [--version] [--threads n] [--endpoint-url ENDPOINT_URL] [--endpoint-address-style {path,vhost}] [--insecure] {scan,dump} ...
s3scanner: Audit unsecured S3 buckets
by Dan Salmon - github.com/sa7mon, @bltjetpack
optional arguments:
-h, --help show this help message and exit
--version Display the current version of this tool
--threads n, -t n Number of threads to use. Default: 4
--endpoint-url ENDPOINT_URL, -u ENDPOINT_URL
URL of S3-compliant API. Default: https://s3.amazonaws.com
--endpoint-address-style {path,vhost}, -s {path,vhost}
Address style to use for the endpoint. Default: path
--insecure, -i Do not verify SSL
mode:
{scan,dump} (Must choose one)
scan Scan bucket permissions
dump Dump the contents of buckets
More Information
More information ---> https://github.com/sa7mon/S3Scanner (opens in a new tab)