S3Scanner
S3Scanner S3Scanner is the Python powerhouse for probing AWS S3 buckets, wordlisting names and testing permissions for public access without heavy AWS creds for quick cloud recon. Run its script with -bucket for targets and -threads for speed, outputting open ones for further audits. Open-source from sa7mon, it's the bucket blaster for pentesters templating exposure hunts in AWS footprints.
Explore →CloudEnum
CloudEnum CloudEnum is the multi-cloud enumerator that fuzzes S3-like buckets across AWS, Azure, and GCP with wordlists, detecting public storage without API keys for broad recon. Launch its Python CLI with -k for keywords, resolving hits for ownership checks. Open-source from initstring, it's the cloud cartographer for OSINT pros mapping forgotten assets across providers.
Explore →S3Recon
S3Recon S3Recon automates S3 bucket enum and permission tests, generating names from domains and probing for read/write access in targeted cloud discovery. Run its Python script with -bucket for lists, exporting JSON for vuln scanners. Open-source from jordan-p-rivera, it's the recon ranger for auditors templating S3 sweeps in AWS perimeters.
Explore →BucketStream
BucketStream BucketStream generates and tests S3 bucket permutations on the fly, focusing on subdomain variations for thorough coverage in passive-active hybrids. Feed its Ruby script with domains, resolving for public hits with minimal noise. Open-source from ankane, it's the permutator for pentesters wordlisting subs into storage secrets.
Explore →Prowler
Prowler Prowler's S3 module audits bucket policies for misconfigs like public ACLs, templating checks against CIS benchmarks for compliance in AWS accounts. Run its Python CLI with -p S3 for focused scans, outputting JSON for remediation. Open-source from prowler-cloud, it's the policy patroller for cloud admins templating secure storage audits.
Explore →S3BucketEnum
S3BucketEnum S3BucketEnum brute-forces bucket names with wordlists, verifying existence and permissions for public exposure in rapid cloud recon sweeps. Configure its Go binary with dicts, running on scopes for CSV outputs. Open-source from arthaud, it's the enum engine for pentesters templating bucket discovery without APIs.
Explore →Massive S3
Massive S3 Massive S3 scales bucket enum with massive wordlists and parallel tests, detecting public read/write for data leaks in high-volume AWS recon. Run its Python script with -b for buckets, filtering for open ones in logs. Open-source from liquidsec, it's the mass miner for auditors unearthing exposed storage troves.
Explore →S3Enum
S3Enum S3Enum fuzzes bucket names from seeds like company domains, testing ACLs for anonymous access in lightweight cloud footprinting. Launch its Python CLI with -w for wordlists, exporting hits for manual dives. Open-source from community, it's the seed sifter for OSINT pros templating S3 intel from sparse starts.
Explore →bucket-finder
Bucket Finder bucket-finder is the simple enumerator for S3 paths, wordlisting objects in known buckets for public file discovery in storage recon. Run its Go binary with -bucket for targets, listing keys with pagination. Open-source from tomnomnom, it's the object oracle for pentesters templating contents from open containers.
Explore →s3scanner