FogSecurity/yes3-scanner: YES3 Scanner: S3 Security Scanner for Access and Ransomware Protection

Source: GitHub Author: unknown URL: https://github.com/FogSecurity/yes3-scanner

ONE SENTENCE SUMMARY:

YES3 is a Python-based tool that scans AWS accounts for S3 bucket misconfigurations, focusing on access, security, and ransomware protection.

MAIN POINTS:

  1. YES3 scans AWS S3 buckets for access, encryption, and security misconfigurations.
  2. Detects public access via ACLs, policies, and website settings.
  3. Checks for preventative settings like Public Access Block and disabled ACLs.
  4. Identifies additional security configurations like encryption and server access logging.
  5. Evaluates ransomware protection through Object Lock and versioning.
  6. Outputs detailed reports of potential issues per bucket.
  7. Requires Python 3, boto3, and proper AWS IAM permissions to run.
  8. Scans buckets globally; a region input is used for quota checks via the Boto3 client.
  9. Offers a private beta for multi-account and object-level scanning.
  10. Installation is via pip and requirements.txt; virtual environments are supported.
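
The checks in points 2, 3 and 5 interact: a public ACL grant or public policy only exposes a bucket when Public Access Block and ACL ownership settings do not neutralise it. The following is an added example, not YES3's code or output format, that evaluates constructed bucket settings offline. The value shapes follow boto3 S3 responses, but the flattened key names (`PolicyIsPublic`, `VersioningStatus`, and so on), the function `assess_bucket` and the finding strings are assumptions of this example.

```python
# Added example (not YES3 code): evaluate constructed, boto3-shaped settings.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")

def assess_bucket(cfg):
    """Return sorted finding strings for one bucket's (flattened) settings."""
    findings = set()
    pab = cfg.get("PublicAccessBlockConfiguration") or {}
    missing = [f for f in PAB_FLAGS if not pab.get(f)]
    if missing:
        findings.add("public access block incomplete: " + ",".join(missing))
    acls_disabled = cfg.get("ObjectOwnership") == "BucketOwnerEnforced"
    if not acls_disabled:
        findings.add("ACLs not disabled")
    grants = sorted(g["Permission"] for g in cfg.get("Grants", [])
                    if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS)
    # A public grant is effective only if ACLs are enabled and not ignored.
    if grants and not acls_disabled and not pab.get("IgnorePublicAcls"):
        findings.add("public via ACL: " + ",".join(grants))
    # RestrictPublicBuckets limits a public policy to in-account/service use.
    if cfg.get("PolicyIsPublic") and not pab.get("RestrictPublicBuckets"):
        findings.add("public via bucket policy")
    if cfg.get("VersioningStatus") != "Enabled":
        findings.add("versioning not enabled")
    if cfg.get("ObjectLockEnabled") != "Enabled":
        findings.add("object lock not enabled")
    return sorted(findings)

# Constructed sample inputs; key names are assumptions of this example.
OPEN_BUCKET = {
    "Grants": [{"Grantee": {"Type": "Group", "URI":
                "http://acs.amazonaws.com/groups/global/AllUsers"},
                "Permission": "READ"}],
    "PublicAccessBlockConfiguration": None, "ObjectOwnership": "ObjectWriter",
    "PolicyIsPublic": True, "VersioningStatus": "Suspended",
}
HARDENED_BUCKET = {
    "PublicAccessBlockConfiguration": dict.fromkeys(PAB_FLAGS, True),
    "ObjectOwnership": "BucketOwnerEnforced", "PolicyIsPublic": False,
    "VersioningStatus": "Enabled", "ObjectLockEnabled": "Enabled",
}

if __name__ == "__main__":
    print("\n".join(assess_bucket(OPEN_BUCKET)))
```

Turning on all four Public Access Block flags for `OPEN_BUCKET` removes both "public via" findings while the ACL and ransomware-protection findings remain, which is why the preventative and detective checks are reported separately.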

TAKEAWAYS:

  1. YES3 helps secure S3 by identifying misconfigurations and potential vulnerabilities.
  2. Reports include granular bucket-level security details for actionable insights.
  3. Public access detection spans multiple configurations including ACLs and policies.
  4. Additional features like Object Lock and lifecycle policies enhance ransomware protection.
  5. The tool is actively developed, with expanded functionality planned for future releases.