appsecco / Spaces Finder
Licence: mit
A tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Spaces Finder
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+2718.85%)
Mutual labels: osint, reconnaissance, recon, infosec, pentesting
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+250%)
Mutual labels: osint, pentesting, reconnaissance, recon
Intrec Pack
Intelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (+45.08%)
Mutual labels: osint, pentesting, reconnaissance, recon
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+343.44%)
Mutual labels: osint, pentesting, reconnaissance, recon
Sn0int
Semi-automatic OSINT framework and package manager
Stars: ✭ 814 (+567.21%)
Mutual labels: osint, pentesting, reconnaissance, recon
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+5540.98%)
Mutual labels: osint, infosec, reconnaissance, pentesting
flydns
Related subdomains finder
Stars: ✭ 29 (-76.23%)
Mutual labels: osint, infosec, recon, reconnaissance
Awesome Asset Discovery
List of Awesome Asset Discovery Resources
Stars: ✭ 1,017 (+733.61%)
Mutual labels: osint, infosec, reconnaissance, recon
Scilla
🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-4.92%)
Mutual labels: pentesting, reconnaissance, recon
Metabigor
Intelligence tool but without API key
Stars: ✭ 424 (+247.54%)
Mutual labels: osint, pentesting, infosec
Odin
Automated network asset, email, and social media profile discovery and cataloguing.
Stars: ✭ 476 (+290.16%)
Mutual labels: osint, reconnaissance, recon
Sifter
Sifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+230.33%)
Mutual labels: osint, pentesting, recon
Buster
An advanced tool for email reconnaissance
Stars: ✭ 387 (+217.21%)
Mutual labels: osint, infosec, recon
Theharvester
E-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+4961.48%)
Mutual labels: osint, reconnaissance, recon
Favfreak
Making Favicon.ico based Recon Great again !
Stars: ✭ 564 (+362.3%)
Mutual labels: osint, reconnaissance, recon
Git Hound
Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (+393.44%)
Mutual labels: osint, reconnaissance, recon
Osint team links
Links for the OSINT Team
Stars: ✭ 378 (+209.84%)
Mutual labels: osint, infosec, recon
Maryam
Maryam: Open-source Intelligence(OSINT) Framework
Stars: ✭ 371 (+204.1%)
Mutual labels: osint, reconnaissance, recon
Gitgot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+690.16%)
Mutual labels: osint, reconnaissance, recon
Social Analyzer
API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+6825.41%)
Mutual labels: osint, pentesting, reconnaissance
Spaces finder
Spaces finder is a tool to quickly enumerate DigitalOcean Spaces to look for loot. It's similar to a subdomain bruteforcer but is made specifically for DigitalOcean Spaces and also has some extra features that allow you to grep for delicious files as well as download interesting files if you're not afraid to quickly fill up your hard drive.
By Bharath
Built on top of AWSBucketDump by @ok_bye_now
Pre-Requisites
Non-Standard Python Libraries:
Overview
- This is a tool that enumerates DigitalOcean Spaces and looks for interesting files
- I have example wordlists but I haven't put much time into refining them
-
https://github.com/danielmiessler/SecListswill have all the word lists you need - If you are targeting a specific company, you will likely want to use jhaddix's enumall tool which leverages recon-ng and Alt-DNS
- As far as word lists for grepping interesting files, that is completely up to you. The one I provided has some basics and yes, those word lists are based on files that I personally have found with this tool.
- Using the download feature might fill your hard drive up, you can provide a max file size for each download at the command line when you run the tool. Keep in mind that it is in bytes.
Usage:
usage: python3 spaces_finder.py [-h] [-D] [-t THREADS] -l HOSTLIST [-g GREPWORDS] [-m MAXSIZE]
optional arguments:
-h, --help show this help message and exit`
-D Download files. This requires significant diskspace`
-d If set to 1 or True, create directories for each host w/ results`
-t THREADS number of threads`
-l HOSTLIST`
-g GREPWORDS Provide a wordlist to grep for`
-m MAXSIZE Maximum file size to download.`
python3 spaces_finder.py -l SpacesNames.txt -g interesting_keywords.txt -D -m 500000 -d 1 -t 5
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].