S3enum is a tool to enumerate a target’s Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don’t hit AWS directly.
Go
go get github.com/koenrh/s3enum
Also Read – PythonAESObfuscate : Obfuscates a Python Script & Accompanying Shellcode
Usage
You need to specify the base name of the target (e.g. hackerone), and a word list. You could either use the example wordlist.txt file from this repository, or get a word list elsewhere. Optionally, you could specify the number of threads (defaults to 10).
$ s3enum –wordlist examples/wordlist.txt –suffixlist examples/suffixlist.txt –threads 10 hackerone
hackerone
hackerone-attachment
hackerone-attachments
hackerone-static
hackerone-upload
By default s3enum will use the name server as specified in /etc/resolv.conf. Alternatively, you could specify a different name server using the --nameserver option. Besides, you could test multiple names at the same time.
s3enum \
–wordlist examples/wordlist.txt \
–suffixlist examples/suffixlist.txt \
–nameserver 1.1.1.1 \
hackerone h1 roflcopter
What is a Software Supply Chain Attack? A software supply chain attack occurs when a…
When people ask how UDP works, the simplest answer is this: UDP sends data quickly…
Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…
A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…
How Does a Firewall Work Step by Step? What Is a Firewall and How Does…
People trying to securely connect to work are being tricked into doing the exact opposite.…