BlobHunter is an opensource tool for scanning Azure blob storage accounts for publicly opened blobs.
BlobHunter is a part of “Hunting Azure Blobs Exposes Millions of Sensitive Files” research:
https://www.cyberark.com/resources/threat-research-blog/hunting-azure-blobs-exposes-millions-of-sensitive-files
Overview
BlobHunter helps you identify Azure blob storage containers which store files that are publicly available to anyone with an internet connection.
The tool will help mitigate risk by identifying poorly configured containers that store sensitive data, which is specifically helpful in larger scale Azure subscriptions where there are a significant number of storage accounts that could be hard to track.
BlobHunter produces an informative csv result file that provides important details on each publicly opened container in the scanned environment.
Requirements
requirements.txt packagesMicrosoft.Resources/subscriptions/read
Microsoft.Resources/subscriptions/resourceGroups/read
Microsoft.Storage/storageAccounts/read
Microsoft.Storage/storageAccounts/listkeys/action
Microsoft.Storage/storageAccounts/blobServices/containers/read
Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read
Build
Example for installation on Ubuntu
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
pip3 install -r requirements.txt
Usage
Simply run
python3 BlobHunter.py
If you are not logged in in the Azure CLI, a browser window will be prompted at you for inserting your Azure user credentials.
General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…
How to Send POST Requests Using curl in Linux If you work with APIs, servers,…
If you are a Linux user, you have probably seen commands like chmod 777 while…
Vim and Vi are among the most powerful text editors in the Linux world. They…
Working with compressed files is a common task for any Linux user. Whether you are…
In the digital era, an email address can reveal much more than just a contact…