Getting started
Knowledge hub
- Overview
-
-
- 34 M Wordlist Subdomain Brute Force
- Asn Based Network Scan
- Asset Discovery and Vulnerability Scanning
- Custom Subdomain Brute Force Wordlist From Ip Ranges
- Enumerate Cloud Resources
- Full Subdomain Enumeration
- Get Ips and Cnames
- Getdns
- Github Recon and Scanner
- Hostnames S3 Bucket Finder
- Simple Content Discovery
-
-
- amass
- anew
- apkurlgrep
- assetfinder
- cent
- cero
- cewl
- cloudenum
- crosslinked
- dnsdumpster-dns-lookup
- dnsdumpster-host-search
- dnstwist
- dnsvalidator
- dsieve
- dumpsterdiver
- eyeballer
- ffuf
- find-gh-poc
- findomain
- gau
- generate-yaml-report
- get-asn-prefixes
- get-trickest-output
- gf
- github-subdomains
- goaltdns
- gospider
- gotator
- hakcheckurl
- httprobe
- httpx
- infoga
- ipinfo
- jldc-subdomains
- katana
- mapcidr
- mass-linkfinder
- masscan
- massdns
- meg
- mksub
- naabu
- notify
- nrich
- nuclei
- oneforall
- puredns
- pymeta
- s3scanner
- securitytrails-subdomains
- spiderfoot
- sslyze
- subdomainizer
- subfinder
- tlsx
- uncover
- unfurl
- uro
- vita
- webanalyze-1
- webanalyze
- x8
Tutorials
- Creating a Workflow
- Downloading a Result
- Executing a Workflow
- How Do Machines Work
- Keeping Track of a Run
- Navigating in Workflow Editor
- Overview
- Saving a Workflow and History
- Scheduling a Workflow
- Using Workflows From Library
Concepts
Hostnames S3 Bucket Finder
Exposed cloud resources like storage buckets might contain important information no one should see. If these resources aren't properly protected, someone who shouldn't have access could get their hands on sensitive data, like passwords or personal information. This could lead to problems like data breaches or identity theft. \
\
This workflow finds your buckets based on the hostnames provided by using permutations and brute-forcing the bucket names.
Complexity: basic
Category: Attack Surface Management
Workflow
Hostnames S3 Bucket Finder
Tools
Setup
You can set up this workflow by changing following input value:
- TARGETS - provide a file containing hostnames list, as a target
Workflow Targets Setup
Execution and results
After setup workflow is ready to be executed. Once workflow’s last node, get-buckets script, is finished result can be viewed and downloaded.
get-buckets script will contain all of the found buckets based on the hostnames provided.
Try it out!
This workflow is available in the Library, you can copy it and execute it immediately!
Improve this workflow
- Brute-force through #batch-output
- Add arbitrary credentials to check for bucket permissions
- Download exposed files and directories on buckets found
- Use notify to send message for newly found misconfigured buckets
Get a Video Demo
Fill out and submit this form to receive an in-depth video demo of the Trickest platform.
Talk To Sales
Fill out the form and we'll get back to you about any questions you have on our products, services, pricing, or scheduling a demo.