S3enum : Fast Amazon S3 Bucket Enumeration Tool For Pentesters

S3enum is a tool to enumerate a target’s Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don’t hit AWS directly.

Go

go get github.com/koenrh/s3enum

Also Read – PythonAESObfuscate : Obfuscates a Python Script & Accompanying Shellcode

Usage

You need to specify the base name of the target (e.g. hackerone), and a word list. You could either use the example wordlist.txt file from this repository, or get a word list elsewhere. Optionally, you could specify the number of threads (defaults to 10).

$ s3enum –wordlist examples/wordlist.txt –suffixlist examples/suffixlist.txt –threads 10 hackerone

hackerone
hackerone-attachment
hackerone-attachments
hackerone-static
hackerone-upload

By default s3enum will use the name server as specified in /etc/resolv.conf. Alternatively, you could specify a different name server using the --nameserver option. Besides, you could test multiple names at the same time.

s3enum \
–wordlist examples/wordlist.txt \
–suffixlist examples/suffixlist.txt \
–nameserver 1.1.1.1 \
hackerone h1 roflcopter

R K

Recent Posts

How to Install Docker on Ubuntu (Step-by-Step Guide)

Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…

15 hours ago

Uninstall Docker on Ubuntu

Docker is one of the most widely used containerization platforms. But there may come a…

15 hours ago

Admin Panel Dorks : A Complete List of Google Dorks

Introduction Google Dorking is a technique where advanced search operators are used to uncover information…

2 days ago

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

3 days ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

3 days ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

3 days ago