S3crets Scanner – New Tool to Scan and Secure Public AWS S3 Buckets

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Security researchers and red team members can now find information that was accidentally stored in publicly exposed AWS S3 buckets with the help of a new open-source scanner tool called S3crets Scanner.

AWS S3 is an Amazon cloud storage service that lets companies store key elements such as their data, tools, and services in containers.

These containers are called buckets, and companies make them available to specific groups.

Companies, however, do not always secure their buckets adequately. When they fail to do so, the buckets become publicly accessible and expose essential data to the public.

The image below shows all the automated actions of S3crets Scanner:

The automated scanner selects only S3 buckets that have the following configurations set to false:

  • BlockPublicAcls
  • BlockPublicPolicy
  • IgnorePublicAcls
  • RestrictPublicBuckets
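
To find your own buckets that match this selection rule before someone else does, the four flags can be audited directly. The following is an added example, not code from S3crets Scanner or the original article; the bucket names and sample inventory are constructed, and it assumes each configuration is a dict shaped like the `PublicAccessBlockConfiguration` returned by the S3 API (for example by boto3's `get_public_access_block`).

```python
# Added example: defensive audit of the four S3 public access flags.
FLAGS = ("BlockPublicAcls", "BlockPublicPolicy",
         "IgnorePublicAcls", "RestrictPublicBuckets")


def disabled_flags(bucket_cfg, account_cfg=None):
    """Return the flags that are effectively false for one bucket.

    bucket_cfg and account_cfg are PublicAccessBlockConfiguration-style
    dicts, or None when no configuration exists (treated as all false).
    S3 applies the most restrictive combination of account-level and
    bucket-level settings, so a flag counts as on if either level sets it.
    """
    bucket_cfg = bucket_cfg or {}
    account_cfg = account_cfg or {}
    return [f for f in FLAGS
            if not (bucket_cfg.get(f, False) or account_cfg.get(f, False))]


def audit(buckets, account_cfg=None):
    """Map bucket name -> finding for every bucket with a disabled flag."""
    findings = {}
    for name, cfg in sorted(buckets.items()):
        off = disabled_flags(cfg, account_cfg)
        if off:
            findings[name] = {
                "disabled": off,                        # flags to turn on
                "all_four_false": len(off) == len(FLAGS),
            }
    return findings


# Constructed sample inventory (hypothetical bucket names).
SAMPLE_BUCKETS = {
    "example-logs": {f: True for f in FLAGS},
    "example-static-site": {f: False for f in FLAGS},
    "example-legacy": None,  # no bucket-level configuration at all
    "example-partial": {"BlockPublicAcls": True, "BlockPublicPolicy": False,
                        "IgnorePublicAcls": True, "RestrictPublicBuckets": False},
}

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_BUCKETS).items():
        print(name, finding)
```

Passing an account-level configuration with all four flags enabled yields no findings, which is why enabling the account-wide setting is the quickest remediation when no bucket needs to be public.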

The script uses the Trufflehog3 tool to inspect the content of text files inside a bucket during scanning. Trufflehog3 is an enhanced version of the secrets scanner tool, and this version is based entirely on the Go programming language.

This enhanced version can scan for credentials and private keys on the following platforms:

  • GitHub
  • GitLab
  • Filesystems
  • S3 buckets

Trufflehog3 uses a set of custom rules to scan the files that S3crets has downloaded. These rules target the following:

  • PII exposure
  • Internal access tokens

Moreover, it is believed that the “S3crets Scanner” tool may help firms reduce the likelihood of losing data or having their networks compromised.