Releases: TocConsulting/s3-security-scanner
Releases · TocConsulting/s3-security-scanner
v1.0.1 - Docker Support
What's New in v1.0.1
Docker Support 🐳
S3 Security Scanner is now available as a Docker image, making it easier to run without installing Python dependencies locally.
Pull from Docker Hub:
docker pull tarekcheikh/s3-security-scanner:1.0.1
Multi-architecture support:
- linux/amd64 (Intel/AMD processors)
- linux/arm64 (Apple Silicon M1/M2/M3, AWS Graviton)
Quick Start with Docker
Scan your S3 buckets:
docker run --rm \
-v ~/.aws:/root/.aws:ro \
-v $(pwd)/output:/app/output \
tarekcheikh/s3-security-scanner security
Discover buckets (no AWS credentials needed):
docker run --rm \
-v $(pwd)/output:/app/output \
tarekcheikh/s3-security-scanner discover --target "company-name" --only
DNS takeover scanning:
docker run --rm \
-v $(pwd)/output:/app/output \
tarekcheikh/s3-security-scanner dns --domain example.com
Documentation Updates
- Added comprehensive Docker usage section in README
- Added Docker Hub badge
- Documented all volume mount options and AWS credential methods
Installation Options
- PyPI: pip install s3-security-scanner==1.0.1
- Docker: docker pull tarekcheikh/s3-security-scanner:1.0.1
- Source: git clone https://github.com/TocConsulting/s3-security-scanner.git
Full Changelog: https://github.com/TocConsulting/s3-security-scanner/compare/v1.0.0...v1.0.1
You can use this with:
```bash
git tag -a v1.0.1 -m "Release v1.0.1 - Docker support"
Or create the release directly on GitHub with the web UI at: https://github.com/TocConsulting/s3-security-scanner/releases/new
S3 Security Scanner v1.0.0
S3 Security Scanner v1.0.0
First stable release of the AWS S3 Security Scanner.
Features
- Security Scanning: 40+ security checks for S3 buckets
- Compliance Frameworks: CIS, AWS-FSBP, PCI-DSS, HIPAA, SOC 2, ISO 27001/27017/27018, GDPR
- DNS Takeover Detection: Identify vulnerable subdomains pointing to S3
- Bucket Discovery: Find unknown buckets via intelligent permutations
- Object-Level Analysis: Detect public objects and sensitive data patterns
- Multiple Output Formats: JSON, CSV, HTML reports
- Remediation Guidance: AWS Console, CLI, and boto3 examples
Installation
pip install s3-security-scanner
Quick Start
# Scan all buckets
s3-security-scanner security
# Check DNS takeover vulnerabilities
s3-security-scanner dns --domain example.com
# Discover unknown buckets
s3-security-scanner discover --target "company-name"
Documentation
- security-checks.md - All 40+ checks explained
- compliance.md - Framework control mappings
- remediation-guide.md - Fix vulnerabilities step-by-step
Requirements
- Python 3.8+
- AWS credentials (for security scanning)
- No credentials needed for basic discovery