Skip to content
/ s3enum Public
forked from koenrh/s3enum

Fast Amazon S3 bucket enumeration tool for pentesters.

License

ISC license
0 stars 42 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

scriptingxss/s3enum

BranchesTags
 
 

Repository files navigation

I have archived this project, because Amazon killed the DNS feature this tool used to enumerate S3 bucket names. For details, read this GitHub issue.

s3enum

s3enum is a tool to enumerate a target's Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don't hit AWS directly.

It was originally built back in 2016 to target GitHub.

Installation

Binaries

Find the binaries on the Releases page.

Go

go get github.com/koenrh/s3enum

Usage

You need to specify the base name of the target (e.g. hackerone), and a word list. You could either use the example wordlist.txt file from this repository, or get a word list elsewhere. Optionally, you could specify the number of threads (defaults to 10).

$ s3enum --wordlist examples/wordlist.txt --suffixlist examples/suffixlist.txt --threads 10 hackerone

hackerone
hackerone-attachment
hackerone-attachments
hackerone-static
hackerone-upload

By default s3enum will use the name server as specified in /etc/resolv.conf. Alternatively, you could specify a different name server using the --nameserver option. Besides, you could test multiple names at the same time.

s3enum \
  --wordlist examples/wordlist.txt \
  --suffixlist examples/suffixlist.txt \
  --nameserver 1.1.1.1 \
  hackerone h1 roflcopter

About

Fast Amazon S3 bucket enumeration tool for pentesters.

Resources

Readme

License

ISC license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • Go 100.0%