awesome-sec-s3
github.com/mxm0z/awesome-sec-s3 ↗A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets
Use this list with your AI agent
Add the Context Awesome MCP server to Claude, Cursor, or any MCP client, then ask:
"Show me articles resources from awesome-sec-s3"
Installation instructions →What's inside
Articles
- Amazon S3 Bucket Public Access Considerations
Official AWS guidance
- Analysing Amazon's Buckets
DigiNinja analysis
- Exposed S3 Bucket CloudTrail Logs
Security implications of exposed logs
- Fantastic! Public S3 Buckets and How to Find Them
Auth0 blog
- How to Search for Open Amazon S3 Buckets
GrayhatWarfare guide
- List of AWS S3 Leaks
Comprehensive list of documented S3 data exposures
Bucket Enumeration Tools
- AWSBucketDump
Quickly enumerate AWS S3 buckets to look for loot
- bucket_finder
DigiNinja's bucket_finder utility
- bucket_finder
Trawl Amazon S3 buckets for interesting files
- Bucket_Finder
Leaky Buckets finder
- bucket-hunter
Amazon AWS Exposed Bucket Hunter
- bucketkicker
Quickly enumerate AWS S3 buckets and look for loot
General Purpose Tools
- CloudScraper
Enumerate targets for cloud resources (S3, Azure Blobs, DO Spaces)
- CloudStorageFinder
Find public data in cloud storage systems
- exif-scraper
Extract EXIF data from S3 bucket photos
- mlb-dfs-scrapers
Web scraping for dumping stats to S3 bucket CSV files
- s3m
CLI for streams of data in S3 buckets
Videos
- Effective S3 Bucket Management
Prevention and mitigation techniques
- How do I find out which S3 buckets allow access from the Internet?
AWS guidance on identifying public buckets
- Securing and Protecting Against Exposed S3 Buckets
Defensive strategies
- The Bucket List: Experiences Operating S3 Honeypots
Honeypot research insights
Showing a sample of 42 resources. View the full list on GitHub →