Skip to content
/ digger Public

Identifies bucket/container misconfigurations. AWS S3, GCS, Azure storage. Useful when doing pentests/security reviews.

0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

freddd/digger

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 

Repository files navigation

DIGGER

Experimental - needs lots of refactoring

Identifies bucket/container misconfigurations.

S3 (AWS)

Requires AWS_ACCESS_KEY and AWS_SECRET_KEY to be set. Tries to list objects, upload an object and remove the uploaded object.

USAGE:
    digger s3 --region=<region> bucket1 bucket2 bucketN

GCS (GCP)

Requires GOOGLE_APPLICATIONS_CREDENTIALS to be set. Uses the testPermissions endpoint to find out if it's possible to get, update, delete objects and get/set IAM policy.

USAGE:
    digger gcs bucket1 bucket2 bucketN

STORAGE (Azure)

Runs as unauthenticated - upload and delete is not implemented

USAGE:
    digger storage --account=<account> container1 container2 containerN

About

Identifies bucket/container misconfigurations. AWS S3, GCS, Azure storage. Useful when doing pentests/security reviews.

Topics

s3 gcs azure-storage

Resources

Readme
Activity

Stars

0 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases 1

v0.0.5 Latest
Jan 27, 2021

Packages

No packages published

Languages