inSp3ctor

LSE toolsLSE toolsinSp3ctor (487)inSp3ctor (487)

Tool and Usage

Project details

Programming language
Python
Author
Brian Warehime
Latest release
No release found
Latest release date
Unknown

Project health

56
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Like other S3 bucket scanners, inSp3ctor helps to find valid storage buckets on Amazon's AWS platform. This can be useful for security assignments like penetration testing or see what information is available about a company. Another option is using it to see if any private data is leaking.

How it works

With inSp3ctor you can use both a preloaded wordlist or have the tool perform common permutations to discover bucket names. All entries are checked to see if there is a valid S3 bucket. When it finds one, it will show if it is open, private, or has a redirect.

Usage and audience

inSp3ctor is commonly used for penetration testing, security assessment, or storage security testing. Target users for this tool are pentesters and security professionals.

Features

  • Command line interface

Example usage and output

_ ____ ____ __
(_)__ / __/__ |_ /____/ /____ ____
/ / _ \_\ \/ _ \_/_ </ __/ __/ _ \/ __/
/_/_//_/___/ .__/____/\__/\__/\___/_/
/_/

AWS S3 Bucket Finder
Brian Warehime @nullsecure


usage: inSp3ctor.py [-h] [-w wordlist] [-n root] [-o] [-a] [-p] [-b batch]

AWS s3 Bucket Permutation Checker

optional arguments:
-h, --help show this help message and exit
-w wordlist Specify list of buckets to check from wordlist
-n root Specify the root name to use, i.e. google, amazon
-o Check objects in a public s3 bucket if they are available
-a Use AWS Credentials to authenticate the request
-p Only show buckets/objects that are public in the results
-b batch Specify filename containing words to apply permutations to

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code is easy to read and understand
  • + Very low number of dependencies
  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available

Author and Maintainers

InSp3ctor is under development by Brian Warehime.

Installation

Supported operating systems

InSp3ctor is known to work on Linux.

inSp3ctor alternatives

Similar tools to inSp3ctor:

64

BuQuikker

BuQuikker is a security tool to scan the Amazon S3 storage service. Its goal is to find open and unprotected S3 buckets.

74

Bucket Finder

Bucket Finder is one of the available security tools to discover AWS S3 buckets. Read the review and how it works.

85

S3Scanner

S3Scanner helps with the discovery of S3 storage buckets on the platform of Amazon's AWS. Learn how the tool works with this review.

All inSp3ctor alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a AWS security tool and Amazon S3 bucket scanner.

Related topics