New open-source scanner exposes Amazon’s AWS storage buckets

Share post:

Security researcher Eilon Harel was able to uncover Amazon’s AWS S3 storage buckets using an open-source “Secrets Scanner.”

Amazon S3 (Simple Storage Service) is a cloud storage service used by organizations to store software, services and data in containers marked as buckets. Unable to properly back up their S3 buckets, organizations make stored data publicly available to the internet.

To exploit this loophole, Harel created a Python tool called “S3crets Scanner,” which performs specific actions, including using CSPM to get a list of public buckets, listing the bucket content via API queries, searching for exposed textual files, downloading the relevant textual files, downloading the relevant textual files, searching the contents for secrets, and forwarding the results to SIEM.

When scanning a bucket, the script examines the content of text files using the Trufflehog3 tool. The tool is an improved Go-based version of the secret scanner that can search GitHub, GitLab, file systems and S3 buckets for credentials and private keys.

Trafflehog3 scans the files downloaded by S3crets using a custom rule designed by Harel which target personally identifiable information (PII) exposure and internal access tokens.

However, the scanner only lists S3 buckets that have the following configurations set to ‘False.’

All buckets that are supposed to be public are filtered out of the list before the textual files are downloaded for the “secrets scanning” step.

The researcher explain that the scanner can be used to scan an organization’s assets, ultimately helping to minimize the likelihood of data leaks or network breaches resulting from the exposure of secrets.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

DOGE’s Teen Hacker Stirs Concern Over Musk Team’s Access to Federal Databases

A 19-year-old named Edward “Big Balls” Coristine has raised red flags after Wired revealed he holds a key...

Deep Seek and Open Source AI – Without the Hype: Discussion with Robert Falzon, Head of Engineering, Check Point

DeepSeek AI is shaking up the cybersecurity world—are we prepared for the risks? Join host Jim Love and...

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

New SMS Phishing Scam Targets U.S. Toll Road Users with Fake Payment Alerts

Brian Krebs of the Krebs on Security blog did a big piece leading with how residents across the...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways