v3.1.1

What's Changed

• chore: fix github actions by @sa7mon in #338
• chore: update dependencies, bump Go version by @sa7mon in #340
• add nixos to readme by @sa7mon in #274
• feat: add linter config by @sa7mon in #341
• bug: update regions by @sa7mon in #342

Full Changelog: v3.1.0...v3.1.1

v3.1.0

What's Changed

• Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.38.5 to 1.39.0 by @dependabot in #227
• chore: ignore aws library patch releases by @sa7mon in #229
• chore: bump golang.org/x/sync from 0.1.0 to 0.4.0 by @dependabot in #231
• chore: bump github.com/spf13/viper from 1.16.0 to 1.17.0 by @dependabot in #233
• chore: upgrade dependencies by @sa7mon in #241
• packaging: add BlackArch info by @sa7mon in #243
• chore: upgrade dependencies by @sa7mon in #263
• chore: bump github.com/aws/aws-sdk-go-v2/config from 1.25.11 to 1.26.6 by @dependabot in #276
• chore: bump golang.org/x/sync from 0.5.0 to 0.6.0 by @dependabot in #272
• chore: bump gorm.io/gorm from 1.25.5 to 1.25.7 by @dependabot in #281
• chore: bump gorm.io/driver/postgres from 1.5.4 to 1.5.6 by @dependabot in #280
• chore: bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @dependabot in #268
• chore: bump github.com/spf13/viper from 1.17.0 to 1.18.2 by @dependabot in #270
• chore: bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.47.2 to 1.50.0 by @dependabot in #282
• chore: bump github.com/aws/aws-sdk-go-v2 from 1.25.0 to 1.26.1 by @dependabot in #305
• chore: upgrade dependencies and fix tests by @sa7mon in #320
• test: update tests by @sa7mon in #336
• bug: use credentials when scanning by @sa7mon in #337

Full Changelog: v3.0.4...v3.1.0

v3.0.4

What's Changed

• chore: update gh workflows by @sa7mon in #228

Full Changelog: v3.0.3...v3.0.4

v3.0.3

Changes

chore

• Bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.11.79 to 1.11.83 by @dependabot in #199

bugfix

• bugfix: ignore dreamhost 'auth' bucket by @sa7mon in #208
• bugfix: remove dreamhost region check by @sa7mon in #211

refactor

• refactor: add package info by @sa7mon in #204

feature

• feat: add region check by @sa7mon in #205
• feat: deduplicate bucket names when ingesting from file by @lavafroth in #207
• feat: add scaleway support by @sa7mon in #210
• feat: add winget package by @sa7mon in #212
• dev: add mitmproxy by @sa7mon in #215

Full Changelog: v3.0.2...v3.0.3

v3.0.2

Changes

bugfix

• bugfix: switch custom provider test to DO by @sa7mon in #184
• bugfix: upgrade go & modules by @sa7mon in #185

feature

• feat: add proxy support by @sa7mon in #177

refactor

• refactor: split out main.go functionality by @sa7mon in #188
• Bump gorm.io/gorm from 1.25.3 to 1.25.4 by @dependabot in #189
• Make region-client map concurrency safe by @lavafroth in #197

New Contributors

• @lavafroth made their first contribution in #197

Full Changelog: v3.0.1...v3.0.2

v3.0.1

What's Changed

• Add dependabot config by @sa7mon in #158
• upgrade packages by @sa7mon in #164
• Refactor module name by @sa7mon in #166
• Add 'go install' instructions by @sa7mon in #167
• Add homebrew install instructions by @sa7mon in #173

Full Changelog: v3.0.0...v3.0.1

v3.0.0

What's Changed

• Golang Rewrite 🌟 by @sa7mon in #134

Announcement available here: #135

Full Changelog: 2.0.2...v3.0.0

2.0.2

Changes

• Fixes #122 - CVE-2021-32061: Path Traversal via dump of malicious bucket

2.0.1

Quick update to 2.0.0 to improve endpoint validation and allow support for GCP. Also I goofed and broke the Pip package, so this will remedy that.

Changes

• Improve endpoint validation
• Add automated tests to validate 3rd party endpoints

2.0.0

This is almost a complete re-write of the tool including scanning logic and output and adds a good amount of new functionality. The code is now much cleaner and simpler than before.

Changes

• ‼️ Added checks for "dangerous" permissions: Write, WriteACP
• ✏️ Simplified the output not have different formats for file and console output. Everything is now just output to stdout in a uniform way to allow easy parsing with grep/awk/etc
• 🔭 Support added for non-AWS S3-compatible APIs. This was done in a generic way to avoid having to include API-specific code in the tool and update it when the APIs inevitably change or break
• 🐍 Pip package created and distributed
• 🐳 Built and pushed a Docker image to Docker Hub
• 📈 Increased overall test coverage to ~90%
• ⚡️ Added support for multi-threaded scanning and dumping
• 💾 Added support for "resume-able" dumping. If an object has already been downloaded, it will be skipped unless the sizes differ
• 🔎 Added Travis CI tests to verify functionality on Python 3.6-3.9

Known Issues / Future Work

• Currently, non-AWS endpoints are only scanned for anonymous permissions. Testing is needed to see if credential scans work and if the permissions match AWS structure.
• When dumping a bucket, the tool will check to see if each file has already been downloaded. If it has, the file will be skipped unless the size of the local and remote files don't match. In the future, the user should be given a choice to re-download these files.
• Measure user desire for other output formats (i.e. csv/json/sqlite)