Coder Social home page Coder Social logo

virtuesecurity / aws-extender-cli Goto Github PK

View Code? Open in Web Editor NEW
82.0 7.0 21.0 18 KB

AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues using the boto/boto3 SDK library.

License: MIT License

Python 100.00%

aws-extender-cli's Introduction

AWS Extender CLI

AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues using the boto/boto3 SDK library.

Installing Dependencies

Both of boto and boto3 are required. You can install them using pip:

$ pip install -r requirements.txt

CLI Arguments

Below is a description of supported arguments:

Argument Description Required
-h, --help Show a help message and exit False
-f, --filepath The path of a bucket names list False*
-b, --bucket The name of the bucket to test False*
-w, --wordlist A wordlist filepath False
-o, --output An output filename False
-k, --keys The path of your credentials file False
-s, --service the name of the storage service ("S3", "GS", or "Azure") True

Notes:

  • Mutually exclusive arguments are denoted by an asterisk.
  • The -k/--keys argument expects the filepath of your AWS/GS keys. The keys are expected to be in the following format:
aws_access_key_id=XXXXXXXXXXXXXXXXXXXX
aws_secret_access_key=XXXXXXXXXXXXXXXXXXXXXX

Example Usage:

$ python aws_extender_cli.py -s S3 -b flaws.cloud -k keys.csv
===== (flaws.cloud) =====
[*] s3:ListMultipartUploadParts
[*] s3:ListBucket
	* hint1.html
	* hint2.html
	* hint3.html
	* index.html
	* robots.txt
	* secret-dd02c7c.html

aws-extender-cli's People

Contributors

0xsobky avatar ciara1234 avatar elliottfrantz avatar nk9 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar

Forkers

user-nobody sajibekanti 0xsobky expertasif w00t3k ciara1234 megnnan seabreg jonz-secops modulexcite 5l1v3r1 digitalarche nk9 zaddy6 eric-linx hartl3y94 cqr-cryeye-forks darkoneiroi kyddjam2live

aws-extender-cli's Issues

Python 3.9 "getchildren" error

I'm receiving the following error when running with Python 3.9.1.

AttributeError: 'xml.etree.ElementTree.Element' object has no attribute 'getchildren'

Looks like the getchildren method was removed in python 3.9.

I guess I can just use an earlier verison of python, but it would be great to have a longer term fix.

Python 3 Support

It would be cool to have Python 3 support, and at the very least, a note in the README that 2.x is required currently.

โ‡’  python --version
Python 3.5.2

python aws_extender_cli.py -h
  File "aws_extender_cli.py", line 497
    print ''.join(issues).strip()
           ^
SyntaxError: invalid syntax

Key file format

Rather than expecting a custom format

AccessKeyId=XXXX
SecretKey=XXXX

the tool could parse the format of ~/.aws/credentials

[profile_name]
aws_access_key_id =  xxx
aws_secret_access_key = xxx

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.