Open web directories have long been a target of hackers looking for cheap wins in the search for sensitive data.
Today, open S3 buckets are becoming a new favorite source for discovering data sitting on the public internet. Common finds include internal documents, unsecured camera feeds, IoT devices, git configuration files, .htpasswd files, and more.
Many open-source tools exist to find and pilfer from these buckets, but a new tool now makes that easier than ever. Because its web interface is free and easy to use, the number of hackers aware of this data source has likely increased dramatically.
As with any technology, it can be used for good or evil. Defenders can run the same searches as attackers as part of their vulnerability management program.
Periodically search for the company name, insider jargon and codewords, and client and partner names to find out whether any data is exposed. Also consider conducting a thorough permissions audit of any S3 buckets in use.
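As an added example (not code from the original post), the permissions audit suggested above can start by flagging bucket ACL grants and bucket policy statements that open a bucket to everyone. The inputs follow the shape returned by S3's GetBucketAcl and GetBucketPolicy calls; the bucket name, account ID and sample data are constructed, and policy statements carrying a Condition are left for manual review.

```python
import json

# ACL grantee group URIs that open a bucket beyond the owning account.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anyone",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any AWS account",
}

def public_acl_grants(acl):
    """Findings for grants to public groups in a GetBucketAcl-shaped dict."""
    out = []
    for grant in acl.get("Grants", []):
        who = PUBLIC_GROUPS.get(grant.get("Grantee", {}).get("URI"))
        if who:
            out.append(f"ACL grants {grant['Permission']} to {who}")
    return out

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_wildcard(principal):
    # Principal may be "*", {"AWS": "*"} or {"AWS": [...]}; other keys are not wildcards here.
    if isinstance(principal, dict):
        principal = principal.get("AWS", [])
    return "*" in _as_list(principal)

def public_policy_statements(policy_json):
    """Findings for Allow statements with a wildcard principal and no Condition."""
    out = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if (stmt.get("Effect") == "Allow" and _is_wildcard(stmt.get("Principal"))
                and not stmt.get("Condition")):  # assumption: conditioned statements go to manual review
            out.append("Policy allows " + ", ".join(_as_list(stmt.get("Action", []))) + " to any principal")
    return out

def audit_bucket(name, acl, policy_json=None):
    findings = public_acl_grants(acl)
    if policy_json:
        findings += public_policy_statements(policy_json)
    return {"bucket": name, "public": bool(findings), "findings": findings}

# Constructed sample input (hypothetical bucket and account), not data from a real account.
SAMPLE_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"},
]}
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"}, "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*"},
]})
```

In a real audit, pass in the responses from boto3's `get_bucket_acl` and `get_bucket_policy` for each bucket, and also review the account-level and bucket-level Block Public Access settings, which can override both.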