#TodayILearned
  • Intro
  • Mobile
    • ADB
    • Bundletool
    • Frida
    • Objection
    • Apktool
    • Patching Smali
    • jadx
    • Xamarin
    • Emulator
    • Correlium
  • Network
    • Bettercap
  • Red Team
    • Unicorn
    • Macros
    • Defense Evasion
      • Load shellcode from memory using Golang
      • Hershell
    • Initial Compromise
      • Password Spraying
  • Web
    • Burp
    • IIS
  • Pentest
    • Metasploit
    • sqlmap
    • Hashcat
  • Miscellaneous
  • Recon
  • Docker
    • GitHub
    • Pulling from an insecure registry
    • Exploring a Docker image
  • Recon
    • Aquatone
    • Censys
    • MassDNS
    • S3 buckets enumeration with ffuf
    • Shodan
  • Flutter
    • Privilege Escalation
  • SSTI
Powered by GitBook
On this page

Was this helpful?

  1. Recon

S3 buckets enumeration with ffuf

There are multiple ways to address the bucket:

  • Virtual Hosted Style Access:

    • https://s3.Region.amazonaws.com/bucket-name/key

  • Path-Style Access:

    • https://bucket-name.s3.Region.amazonaws.com/key

ffuf -X HEAD \
-u "https://s3.us-east-1.amazonaws.com/DOMAIN"  \
-w "full.txt:DOMAIN" \
-fc 400 -v
PreviousMassDNSNextShodan

Last updated 5 years ago

Was this helpful?