2tearsinabucket
2tearsinabucket is a specialized enumeration tool designed for identifying and analyzing Amazon S3 buckets associated with specific targets. The tool focuses on discovering S3 buckets that may be linked to a particular organization or domain, providing security researchers and penetration testers with the ability to assess cloud storage configurations. Key capabilities include: - Target-specific S3 bucket enumeration - Detection of potential security misconfigurations - Detailed bucket information gathering - Vulnerability identification in S3 storage setups The tool operates by systematically searching for S3 buckets that may belong to or be associated with a specified target, helping identify exposed or misconfigured cloud storage resources that could present security risks.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.
A tutorial demonstrating how to implement Kubernetes Engine security features to control application privileges through host access controls and network access policies.
A deprecated Kubernetes workload policy enforcement tool that helped secure multi-tenant clusters through various security policies and configurations.
S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.
AWS Vault securely stores AWS IAM credentials in the operating system's keystore and generates temporary credentials for development environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
KICS is an open-source Infrastructure as Code security scanner that detects vulnerabilities and misconfigurations through customizable queries and integrates with CI/CD pipelines.
FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.
HAWK is a multi-cloud antivirus scanning API that uses CLAMAV and YARA engines to detect malware in AWS S3, Azure Blob Storage, and GCP Cloud Storage objects.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.