Hackers of India

BucketLoot - An Automated S3 Bucket Inspector

By Owais Shaikh, Umair Nehri on 09 Aug 2023 @ Blackhat : Arsenal

This Tool Demo covers the following tools, which the speaker has authored or contributed to:
BUCKETLOOT

Abstract

Thousands of S3 buckets are left exposed over the internet, making them a prime target for malicious actors who may extract sensitive information from the files in these buckets that can be associated with an individual or an organisation. There is limited research or tooling available that leverages such S3 buckets for looking up secret exposures and searching specific keywords or regular expression patterns within textual files. BucketLoot is an automated S3 Bucket Inspector that can simultaneously scan all the textual files present within an exposed S3 bucket from platforms such as AWS, DigitalOcean, etc. It scans the exposed textual files for: