Helpful aws-boto3-scripts - Python3 scripts that include threading to quickly perform a few checks on any keys added to an input file

Related tags

Third-party APIs WrappersHelpful_aws-boto3-scripts
Overview

Helpful aws boto3 scripts

python3 scripts that include threading to quickly perform checks on large sets (either checks against many aws key pairs or checks against a long list of s3 buckets to see which s3 buckets a set of aws keys with s3 bucket access can actually read from)

The scripts currently run with threading set to 50, but you can adjust that as needed within the script. This allows the script to finish recursive s3 bucket list access checks on large s3 listings in short order.

2 scripts currently included:

  1. check-identity.py: This is a threaded python3 script that can take one or many aws key pairs and very quickly check if those keys are active and quickly performs the following checks:
  • checks s3 bucket access
  • attempts to list role info
  • attempts to list group info
  • checks for servicesspecificcredentials
  • checks secretsmanager info
  • checks parameterstore info
  • checks for dynamodb list_tables access
  1. check-s3-access.py: This is a threaded python3 script that can take sets of keys and quickly check to identify which buckets that key can actually view into (i.e., a key pair may be able to list a bucket name but may not be able to view inside of that bucket, so this script helps with identifying which buckets a set of keys can actually see into)

Steps

  1. Ensure that boto3 is installed (pip3 install boto3)
  2. Create a file (example: input.txt) and add one set of credentials per row in this format: accesskey,secretkey
  3. in check-identity.py, the region by default is set to us-west-1. You can edit that value in the script as needed.
  4. Run python3 check-identity.py -f input.txt. This script will take all key pairs inclued in input.txt and do a simple get-caller-identity call to see if the key pair is still active and then check to see if the key pair has s3 bucket access.
  5. Based on which keys from #2 have s3 bucket access, add just those keys into a new input file (ex: input2.txt).
  6. Run python3 check-s3-access.py -f input2.txt. This script will then recursively check across all buckets to see which buckets a key pair can access see into. Results will be written to an outfile in the current directory with the access key in the filename. You can check the output for successes by running grep "CAN read" [outputfile]
Owner
Cedric Owens
offensive security engineer
Cedric Owens
GitHub Repository
Tubee is a web application, which runs actions when your subscribed channel upload new videos

Tubee is a web application, which runs actions when your subscribed channel upload new videos, think of it as a better IFTTT but built specifically for YouTube with many enhancements.

Tomy Hsieh 11 Jan 01, 2023
Fastest Pancakeswap Sniper BOT TORNADO CASH 2022-V1 (MAC WINDOWS ANDROID LINUX)

Fastest Pancakeswap Sniper BOT TORNADO CASH 2022-V1 (MAC WINDOWS ANDROID LINUX) ⭐️ AUTO BUY TOKEN ON LAUNCH AFTER ADD LIQUIDITY ⭐️ ⭐️ Support Uniswap

Crypto Trader 7 Jan 31, 2022
A simple Telegram bot can convert web docs, Telegraph links, etc. to Pdf !

A Telegram Bot to convert http Links to PDF

Renjith Mangal 10 Oct 28, 2022
GitNews: Github webhooks for Telegram

GitNews - Github webhooks for Telegram Setup: server: clone repo git clone https

Druv Jagdish 1 Feb 14, 2022
Discord bot that shows valorant your daily store by using the Ingame API

Valorant store checker - Discord Bot Discord bot that shows valorant your daily store by using the Ingame API. written using Python and the Pycord lib

STACIA 226 Jan 02, 2023
A python bot that scrapes free udemy coupons and sends them to Telegram.

About: A python telegram bot that scrapes information about fresh free Udemy coupons content from couponscorpion.com and sends it to teleram channel h

Irina Gayday 1 Dec 19, 2021
Github repository started notify 💕

Github repository started notify 💕

4 Aug 06, 2022
A Bot to Track Kernel Upstreams from kernel.org and Post it on Telegram Channel

Channel Kernel Tracker is the channel where the bot will be sending the updates in. Introduction This is a Telegram Bot to Track Kernel Upstreams kern

Kartikeya Hegde 3 Oct 05, 2021
Discord Token Generator - Python (Generates Tokens and Joins your Server Automatically) hCaptcha Bypass **FREE**

Best Discord Token Generator {hCaptcha bypass FREE Unlimited Memberboost} Install few requirements & run main.py it will redirect you to the Download

1 Oct 27, 2021
Example notebooks for working with SageMaker Studio Lab. Sign up for an account at the link below!

SageMaker Studio Lab Sample Notebooks Available today in public preview. If you are looking for a no-cost compute environment to run Jupyter notebooks

Amazon Web Services 304 Jan 01, 2023
Provide fine-grained push access to GitHub from a JupyterHub

github-app-user-auth Provide fine-grained push access to GitHub from a JupyterHub. Goals Allow users on a JupyterHub to grant push access to only spec

Yuvi Panda 20 Sep 13, 2022
Debugging with Stack Overflow: Web Search Behavior in Novice and Expert Programmers

Debugging with Stack Overflow: ICSE SEET, 2022 This is the GitHub repository associated with the 2022 ICSE SEET paper, Debugging with Stack Overflow:

Madeline Endres 1 Jan 31, 2022
Scratch2py or S2py is a easy to use, versatile tool to communicate with the Scratch API Based of Scratch2py

Scratch2py Scratch2py or S2py is a easy to use, versatile tool to communicate with the Scratch API Based of Scratch2py Installation Run this command i

2 Jan 13, 2022
A Discord Tool which checks for valid tokens and adds them to a server

Discord-Server-Botter A Discord Tool which checks for valid tokens and adds them to a server Usage Choice 1 is for checking tokens Choice 2 is for add

Bless 3 Jul 01, 2022
A Discord bot to play bluffing games like Dobbins or Bobbins

Usage: pip install -r requirements.txt python3 bot.py DISCORD_BOT_TOKEN Gameplay: All commands are case-insensitive, with trailing punctuation and spa

4 May 27, 2022
Music bot because Octave is down and I can : )

Chords On a mission to build the best Discord Music Bot View Demo · Report Bug · Request Feature Table of Contents About The Project Built With Gettin

Aman Prakash Jha 53 Jan 07, 2023
Optimus Prime - A modular Telegram group management and drive clone bot running on Python with sqlalchemy database

Optimus Prime Bot . 🤖 A modular Telegram group management and drive clone bot r

9 Jun 01, 2022
A repository of publicly verifiable token Sale contracts

Token-Sale-Plutus-Contract A repository of publicly verifiable token sale and royalty contracts. This will be the storage solution since it is easily

Logical Mechanism 29 Aug 18, 2022
A wrapper for The Movie Database API v3 and v4 that only uses the read access token (not api key).

fulltmdb A wrapper for The Movie Database API v3 and v4 that only uses the read access token (not api key). Installation Use the package manager pip t

Jacob Hale 2 Sep 26, 2021
A Python IRC bot with dynamically loadable modules

pybot This is a modular, plugin-based IRC bot written in Python. Plugins can bedynamically loaded and unloaded at runtime. A design goal is the abilli

Jeff Kent 1 Aug 20, 2021