Skip to content
/ digger Public

Identifies bucket/container misconfigurations. AWS S3, GCS, Azure storage. Useful when doing pentests/security reviews.

0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

freddd/digger

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits

.github/workflows

.github/workflows

 
 

src

src

 
 

.gitignore

.gitignore

 
 

Cargo.lock

Cargo.lock

 
 

Cargo.toml

Cargo.toml

 
 

README.md

README.md

 
 

Repository files navigation

DIGGER

Experimental - needs lots of refactoring

Identifies bucket/container misconfigurations.

S3 (AWS)

Requires AWS_ACCESS_KEY and AWS_SECRET_KEY to be set. Tries to list objects, upload an object and remove the uploaded object.

USAGE:
    digger s3 --region=<region> bucket1 bucket2 bucketN

GCS (GCP)

Requires GOOGLE_APPLICATIONS_CREDENTIALS to be set. Uses the testPermissions endpoint to find out if it's possible to get, update, delete objects and get/set IAM policy.

USAGE:
    digger gcs bucket1 bucket2 bucketN

STORAGE (Azure)

Runs as unauthenticated - upload and delete is not implemented

USAGE:
    digger storage --account=<account> container1 container2 containerN

About

Identifies bucket/container misconfigurations. AWS S3, GCS, Azure storage. Useful when doing pentests/security reviews.

Topics

s3 gcs azure-storage

Resources

Readme
Activity

Stars

0 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases 1

v0.0.5 Latest
Jan 27, 2021

Packages

No packages published

Languages