bucketsnoop's Introduction

BucketSnoop

A Firefox extension and WebSocket handler that checks s3 buckets while your browse. All the checks are passive, I'm not a fan of just throwing files into storage that isn't mine, it's easy enough to check manually with aws cli.

THIS PROJECT WILL PROBABLY NEVER BE FINISHED, THOUGH A TOTAL REWRITE IN GO-LANG WILL BE DONE AT SOME POINT

It works but it's nowhere near finished, use with care.

Setup

Server

Probably needs Python 3, I've not even bothered testing Python 2.
For now you need AWS CLI installed and configured, boto3 looks in ~/.aws/credentials

Clone the repo

git clone https://github.com/olihough86/BucketSnoop.git

Change to the /BucketSnoopServer/ directory

cd BucketSnoop/BucketSnoopServer/

create a venv

python3 -m venv .venv

activate your venv

source .venv/bin/activate

upgrade pip

pip install --upgrade pip

install requiements

pip install -r requirements

start server

python server.py

Client

Open Firefox and go to about:debugging

Click on "Load Temporary Add-on"

Find /BucketSnoopClient/bucketsnoop.js and load it

Usage

The client should now be loaded and connected to the server, while browsing watch the output of the server as discovered buckets are checked

If a S3 bucket can be parsed it will;

Try to pull the bucket ACL and list the permissions
Check if objects can be listed with auth
Check if objects can be listed without auth

If a bucket name is not parsed it will;

Highlight that the host is pointed in some way to S3

If an Azure blob container can be parsed it will;

Check if the blobs can be listed

If a Google Cloud bucket can be parsed it will;

Try to pull the bucket ACL (ACL parsing not yet finished)
Check if objects can be listed

URIs are cached in local storage to avoid repeat requests, currently this is cleared each time the add-on is reloaded.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.

Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

TensorFlow

An Open Source Machine Learning Framework for Everyone

Django

The Web framework for perfectionists with deadlines.

Laravel

A PHP framework for web artisans

D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

web

Some thing interesting about web. New door for the world.

server

A server is a program made to process requests and deliver data to clients.

Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

Visualization

Some thing interesting about visualization, use data art

Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.

Microsoft

Open source projects and samples from Microsoft.

Google

Google ❤️ Open Source for everyone.

Alibaba

Alibaba Open Source for everyone

D3

Data-Driven Documents codes.

Tencent

China tencent open source team.

olihough86 / bucketsnoop Goto Github PK