S3enum is a tool to enumerate a target’s Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don’t hit AWS directly.
Go
go get github.com/koenrh/s3enum
Also Read – PythonAESObfuscate : Obfuscates a Python Script & Accompanying Shellcode
Usage
You need to specify the base name of the target (e.g. hackerone), and a word list. You could either use the example wordlist.txt file from this repository, or get a word list elsewhere. Optionally, you could specify the number of threads (defaults to 10).
$ s3enum –wordlist examples/wordlist.txt –suffixlist examples/suffixlist.txt –threads 10 hackerone
hackerone
hackerone-attachment
hackerone-attachments
hackerone-static
hackerone-upload
By default s3enum will use the name server as specified in /etc/resolv.conf. Alternatively, you could specify a different name server using the --nameserver option. Besides, you could test multiple names at the same time.
s3enum \
–wordlist examples/wordlist.txt \
–suffixlist examples/suffixlist.txt \
–nameserver 1.1.1.1 \
hackerone h1 roflcopter
