To help identify these exposed EBS volumes and allow individuals and businesses to secure their secrets, the Bishop Fox team developed Dufflebag, an open source tool now available on GitHub. In this video, Dan Petro explains how Dufflebag works.
The Dufflebag tool from Bishop Fox can search exposed Elastic Block Store volumes for sensitive information that may have accidentally been left lying around. To get started, simply build the code into a zip file using the instructions on our GitHub and make an Elastic Beanstalk out of it, which you're seeing now. Once you push the project into Elastic Beanstalk, Amazon handles all the messy architecture management for you, and it makes scaling up and down a breeze. Pay attention to your AWS billing page, but Beanstalk apps are actually pretty inexpensive. You can monitor the execution of the program from the dashboard here. Dufflebag rummages through all the publicly exposed EBS volumes on AWS and searches for secrets like this shadow file here. This one's empty, but believe me, there's more out there!