Skip to content

Releases: sa7mon/S3Scanner

v3.1.1

Choose a tag to compare

@sa7mon sa7mon released this 17 Sep 02:47
9c61311

What's Changed

Full Changelog: v3.1.0...v3.1.1

v3.1.0

Choose a tag to compare

@sa7mon sa7mon released this 08 Sep 22:10
8f5b035

What's Changed

  • Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.38.5 to 1.39.0 by @dependabot in #227
  • chore: ignore aws library patch releases by @sa7mon in #229
  • chore: bump golang.org/x/sync from 0.1.0 to 0.4.0 by @dependabot in #231
  • chore: bump github.com/spf13/viper from 1.16.0 to 1.17.0 by @dependabot in #233
  • chore: upgrade dependencies by @sa7mon in #241
  • packaging: add BlackArch info by @sa7mon in #243
  • chore: upgrade dependencies by @sa7mon in #263
  • chore: bump github.com/aws/aws-sdk-go-v2/config from 1.25.11 to 1.26.6 by @dependabot in #276
  • chore: bump golang.org/x/sync from 0.5.0 to 0.6.0 by @dependabot in #272
  • chore: bump gorm.io/gorm from 1.25.5 to 1.25.7 by @dependabot in #281
  • chore: bump gorm.io/driver/postgres from 1.5.4 to 1.5.6 by @dependabot in #280
  • chore: bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @dependabot in #268
  • chore: bump github.com/spf13/viper from 1.17.0 to 1.18.2 by @dependabot in #270
  • chore: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.47.2 to 1.50.0 by @dependabot in #282
  • chore: bump github.com/aws/aws-sdk-go-v2 from 1.25.0 to 1.26.1 by @dependabot in #305
  • chore: upgrade dependencies and fix tests by @sa7mon in #320
  • test: update tests by @sa7mon in #336
  • bug: use credentials when scanning by @sa7mon in #337

Full Changelog: v3.0.4...v3.1.0

v3.0.4

Choose a tag to compare

@sa7mon sa7mon released this 25 Sep 23:07
943295b

What's Changed

Full Changelog: v3.0.3...v3.0.4

v3.0.3

Choose a tag to compare

@sa7mon sa7mon released this 24 Sep 21:11
06d64e7

Changes

chore

  • Bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.11.79 to 1.11.83 by @dependabot in #199

bugfix

  • bugfix: ignore dreamhost 'auth' bucket by @sa7mon in #208
  • bugfix: remove dreamhost region check by @sa7mon in #211

refactor

feature

Full Changelog: v3.0.2...v3.0.3

v3.0.2

Choose a tag to compare

@sa7mon sa7mon released this 11 Sep 22:09
451c6b0

Changes

bugfix

  • bugfix: switch custom provider test to DO by @sa7mon in #184
  • bugfix: upgrade go & modules by @sa7mon in #185

feature

refactor

New Contributors

Full Changelog: v3.0.1...v3.0.2

v3.0.1

Choose a tag to compare

@sa7mon sa7mon released this 18 Aug 14:13
a10a9aa

What's Changed

Full Changelog: v3.0.0...v3.0.1

v3.0.0

Choose a tag to compare

@sa7mon sa7mon released this 29 Jul 03:23
1610ed4

What's Changed

Announcement available here: #135

Full Changelog: 2.0.2...v3.0.0

2.0.2

Choose a tag to compare

@sa7mon sa7mon released this 28 Nov 21:16
fafa30a

Changes

2.0.1

Choose a tag to compare

@sa7mon sa7mon released this 24 Apr 00:25
6f7a679

Quick update to 2.0.0 to improve endpoint validation and allow support for GCP. Also I goofed and broke the Pip package, so this will remedy that.

Changes

  • Improve endpoint validation
  • Add automated tests to validate 3rd party endpoints

2.0.0

Choose a tag to compare

@sa7mon sa7mon released this 23 Apr 02:29
fb39258

This is almost a complete re-write of the tool including scanning logic and output and adds a good amount of new functionality. The code is now much cleaner and simpler than before.

Changes

  • ‼️ Added checks for "dangerous" permissions: Write, WriteACP
  • ✏️ Simplified the output not have different formats for file and console output. Everything is now just output to stdout in a uniform way to allow easy parsing with grep/awk/etc
  • 🔭 Support added for non-AWS S3-compatible APIs. This was done in a generic way to avoid having to include API-specific code in the tool and update it when the APIs inevitably change or break
  • 🐍 Pip package created and distributed
  • 🐳 Built and pushed a Docker image to Docker Hub
  • 📈 Increased overall test coverage to ~90%
  • ⚡️ Added support for multi-threaded scanning and dumping
  • 💾 Added support for "resume-able" dumping. If an object has already been downloaded, it will be skipped unless the sizes differ
  • 🔎 Added Travis CI tests to verify functionality on Python 3.6-3.9

Known Issues / Future Work

  • Currently, non-AWS endpoints are only scanned for anonymous permissions. Testing is needed to see if credential scans work and if the permissions match AWS structure.
  • When dumping a bucket, the tool will check to see if each file has already been downloaded. If it has, the file will be skipped unless the size of the local and remote files don't match. In the future, the user should be given a choice to re-download these files.
  • Measure user desire for other output formats (i.e. csv/json/sqlite)