Hello, welcome to the Tuesday, February 27th, 2018 edition of the Sands and the Storm Center's

Stormcast. My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

A common theme in recent breaches was exposed to cloud resources, whether it was a badly secured S3 bucket or whether it was some server

that wasn't configured correctly. But one thing people are really struggling with is sort of

keeping track of all the resources they're pushing in the cloud.

And that's why I want to highlight two interesting tools that hopefully will make this

a little bit easier.

The first one I think is a little bit on the dark side of the gray head scale, but the

AWS bucket dump allows you to sort of brute force

AWS bucket names so what you would do is you would find a list of terms that are

likely used in your company for AWS bucket names and then try to enumerate them and see if any of these buckets exist

and if they are not properly protected.

The tool also allows you to download files that match certain interesting keywords.

That's of course where things definitely get a little bit interesting from sort of

an ethics and legal point of view if you by mistake end up in a bucket that you are not

authorized to read. The second tool cloud mapper comes courtesy of dual apps and it allows you to

draw pretty nice network diagrams for assets in Amazon

Web Services. Now this is clearly a white hat tool in that you first need access to the

account so you do need credentials for a specific AWS account and then you let a shell script

collect all the information from the AWS account and this is then converted into an

HTML file that is viewable in your browser.

Of course, unlike the first tool, this doesn't really track any sort of shadow IT assets.

...