
yaaras/authant


🐜 AuthAnt

AuthAnt is a Python tool for identifying misconfigured cloud storage buckets that deny unauthenticated requests but allow access when the request is authenticated. It supports both Google Cloud Storage (GCS) and Amazon S3, making it easy to detect weak configurations across multiple cloud providers.


🚀 Features

  • ☁️ Supports GCS and S3 bucket URLs
  • 🧠 Automatically detects the bucket provider from the URL

🛠 Installation

git clone https://github.com/yaaras/authant.git
cd authant
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
pip install -e .

⚙️ Requirements

  • Python 3.8+
  • GCP credentials (gcloud auth application-default login)
  • AWS credentials (aws configure)

💡 Usage

Once installed, use the authant command with short or long flags:

# Scan all GCS buckets in the current project (requires ADC permissions)
authant -p gcs
# Or explicitly supply a bucket URL
authant -p gcs -b https://storage.googleapis.com/my-bucket

# Scan S3 buckets listed in a file
authant -p s3 -f s3_buckets.txt
# Scan a single S3 bucket URL
authant -p s3 -b https://my-bucket.s3.amazonaws.com/

  • -p (or --provider): Choose the cloud provider (gcs or s3).
  • -b (or --bucket): A single bucket URL to scan.
  • -f (or --file): A file with one bucket URL per line.

If you omit both -b/--bucket and -f/--file when using GCS, AuthAnt will attempt to list all buckets in your current project. For S3, you must specify at least one of -b/--bucket or -f/--file.

Logs are printed to the console with colored levels (INFO in green, WARNING in yellow, etc.), showing for each bucket:

2025-07-09 14:00:00 INFO     Bucket: https://... | Type: gcs | Unauthenticated: 403 | Authenticated: 200
2025-07-09 14:00:01 WARNING  Authenticated-only access: https://...

Output

Example output:

bucket_url                          bucket_type  unauth_status  auth_status
https://storage.googleapis.com/foo  gcs          403            200
https://bar.s3.amazonaws.com/       s3           403            200

You’ll see a console log for buckets that are only accessible with authentication, which may indicate a potentially unintended exposure to internal identities.


👩‍💻 Maintainers

Developed by the Wiz Threat Research team 💙
