koenrh / S3enum

Licence: isc
Fast Amazon S3 bucket enumeration tool for pentesters.


I have archived this project, because Amazon killed the DNS feature this tool used to enumerate S3 bucket names. For details, read this GitHub issue.


s3enum

s3enum is a tool to enumerate a target's Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don't hit AWS directly.

It was originally built back in 2016 to target GitHub.

Installation

Binaries

Find the binaries on the Releases page.

Go

go get github.com/koenrh/s3enum

Usage

You need to specify the base name of the target (e.g. hackerone) and a word list. You can either use the example wordlist.txt file from this repository or get a word list elsewhere. Optionally, you can specify the number of threads (defaults to 10).

$ s3enum --wordlist examples/wordlist.txt --suffixlist examples/suffixlist.txt --threads 10 hackerone

hackerone
hackerone-attachment
hackerone-attachments
hackerone-static
hackerone-upload

By default, s3enum uses the name server specified in /etc/resolv.conf. Alternatively, you can specify a different name server using the --nameserver option. You can also test multiple names at the same time.

s3enum \
  --wordlist examples/wordlist.txt \
  --suffixlist examples/suffixlist.txt \
  --nameserver 1.1.1.1 \
  hackerone h1 roflcopter