Port 22

Slurp: An s3 bucket enumerator has been re-written and re-released

I released slurp back in December of 2017 and it was featured in SANS NewsBites; pretty cool. But, there where some bugs with it, such as connection dropping and so forth. I have since rewritten slurp to be more of a targeted tool instead of a passive surveillance tool (I removed certstream).

I believe this change is to the benefit of the community; because, I have since added a method to scan S3 buckets if you have AWS credentials (~/.aws/credentials); this method is very fast and will give you results quickly. But, if you lack that kind of access the good old fashioned domain/keyword scanning is still there and works as expected.

As usual, all tools I write are strong copyleft; so slurp stays GPLv3 with the benefit that it will help the community…. or anyone who accidentally left buckets public facing.

You can find the project here: https://github.com/hehnope/slurp

submitted by /u/Smooth_Mess
[link] [comments]