Linux command
s3scanner 命令
文件
复制后可按需替换文件名、目录或参数。
常用示例
Scan a list of bucket names from a file
s3scanner -bucket-file [names.txt]
Scan and enumerate objects in a bucket
s3scanner -bucket [my-bucket] -enumerate
Scan a GCP bucket
s3scanner -provider gcp -bucket [my-bucket]
Scan with JSON output
s3scanner -bucket [my-bucket] -json
说明
s3scanner checks permissions on object storage buckets to detect public access misconfigurations. It supports AWS and multiple S3-compatible providers, multi-threaded scanning, database persistence via PostgreSQL, and RabbitMQ integration for scaled operations.
参数
- -bucket _NAME_
- Single bucket name to scan.
- -bucket-file _FILE_
- File containing bucket names to scan.
- -enumerate
- List all objects found in accessible buckets.
- -provider _PROVIDER_
- Storage provider: aws, gcp, digitalocean, dreamhost, linode, or scaleway.
- -threads _N_
- Number of concurrent scan workers. Default: 4.
- -json
- Output results in JSON format.
FAQ
What is the s3scanner command used for?
s3scanner checks permissions on object storage buckets to detect public access misconfigurations. It supports AWS and multiple S3-compatible providers, multi-threaded scanning, database persistence via PostgreSQL, and RabbitMQ integration for scaled operations.
How do I run a basic s3scanner example?
Run `s3scanner -bucket-file [names.txt]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -bucket _NAME_ do in s3scanner?
Single bucket name to scan.