S3Scanner
S3Scanner is an open-source tool that scans for misconfigured S3 buckets across S3-compatible APIs, helping to identify potential security vulnerabilities and data exposure risks. The tool provides a comprehensive scan of S3 buckets, detecting issues such as publicly accessible buckets, unsecured buckets, and buckets with misconfigured permissions. S3Scanner is designed to help security teams and developers identify and remediate S3 bucket misconfigurations, reducing the risk of data breaches and unauthorized access. With its easy-to-use interface and customizable scanning options, S3Scanner is an essential tool for anyone working with S3 buckets and concerned about cloud security.
FEATURES
ALTERNATIVES
Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.
Cloud Custodian (c7n) is a rules engine for managing public cloud accounts and resources with a focus on security, compliance, and cost optimization.
A Terraform module to set up a secure AWS account configuration baseline
Krampus is a security solution for managing AWS objects and can be used as a cost-control tool.
A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies
CloudScraper is a tool for enumerating cloud resources, including S3 Buckets, Azure Blobs, and Digital Ocean Storage Space.
A tool to analyze and audit AWS environments for security issues and misconfigurations.
Exploring the transition towards real sandbox containers and the differences in privileges compared to traditional sandboxes like Chrome.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.