Encontrar Fuga de Datos

Pasivo

Google dorks, censys, shodan:

LogoGrayhatwarfare
LogoHunting Azure Blobs Exposes Millions of Sensitive FilesCyberArk

Activo

<storageaccount>.files.core.windows.net
<storageaccount>.files.core.windows.net/<contenedor>
<storageaccount>.files.core.windows.net/<contenedor>/?comp=list

Herramientas

trufflehog

LogoGitHub - trufflesecurity/trufflehog: Find credentials all over the placeGitHub

DumpsterDiver

LogoGitHub - securing/DumpsterDiver: Tool to search secrets in various filetypes.GitHub

BlobHunter

LogoGitHub - cyberark/BlobHunter: Find exposed data in Azure with this public blob scannerGitHub

Recomendacion

LogoSecurity recommendations for Blob storage - Azure StorageMicrosoftLearn
AnteriorAzure FilesSiguienteMicrosoft Graph

Última actualización