Open Source    

Red-Bucket

Lightspin S3 Bucket Scanner

Description

Scan your S3 Buckets for public access and cross-account attack discovered by Lightspin's Security Research Team.

The tool analyzes the following:

  • Bucket's block public access settings

  • Bucket policy and ACL

  • Object ACL

Research Summary

Check out our S3 buckets security research blogs:

Part 1 - How to Access AWS S3 Buckets 

Part 2 - S3 Buckets Miscofiguration Risks