recentpopularlog in

whip_lash : s3   13

hehnope/slurp: Evaluate the security of S3 buckets
Credit to all the vendor packages that made this tool possible.
This is a security tool; it's meant for pen-testers and security professionals to perform audits of s3 buckets.
aws  s3  pentest 
august 2019 by whip_lash
A Tale of Two Buckets: Investigating Multi-Account IAM Issues in S3 and CloudFront - Thence Consulting
Fortunately, OAI has a hack a S3CanonicalUserId property which you can (only) find via an API call like the one below
aws  iam  s3  cloudfront  lambda 
july 2019 by whip_lash
Cyberduck | Libre server and cloud storage browser for Mac and Windows with support for FTP, SFTP, WebDAV, Amazon S3, OpenStack Swift, Backblaze B2, Microsoft Azure & OneDrive, Google Drive and Dropbox
Cyberduck is a libre server and cloud storage browser for Mac and Windows with support for FTP, SFTP, WebDAV, Amazon S3, OpenStack Swift, Backblaze B2, Microsoft Azure & OneDrive, Google Drive and Dropbox.
aws  cloud  storage  s3  tool 
july 2018 by whip_lash
Hosting a Static Website on Amazon S3 - Amazon Simple Storage Service
You can host a static website on Amazon Simple Storage Service (Amazon S3). On a static website, individual webpages include static content. They might also contain client-side scripts. By contrast, a dynamic website relies on server-side processing, including server-side scripts such as PHP, JSP, or ASP.NET. Amazon S3 does not support server-side scripting. Amazon Web Services (AWS) also has resources for hosting dynamic websites. To learn more about website hosting on AWS, go to Websites and Website Hosting.
amazon  aws  s3  hosting 
july 2018 by whip_lash
Tools. | rojan-rijal.github.io
This is an ongoing project with more tools coming up in future. Pretty soon official site for this project will be made public at bugbounty.site. Some of the projects that are already released can be seen under the Tools section above.
s3  amazon  search  scanner 
january 2018 by whip_lash
Unsecured Amazon S3 Bucket Exposes Details on 123 Million American Households
While the data belonging to the US Census Bureau —the 2010 census results — were already publicly available on the Bureau's Census website, the Experian data was never meant to be exposed.

The Experian data was stored in a file named "ConsumerView_10_2013.yxdb and contained what UpGuard researchers described as the "personally identifying details and data points about virtually every American household."
breach  hacking  s3 
december 2017 by whip_lash

Copy this bookmark:





to read