Discovering buckets with Grayhat Warfare
The next tool we are going to mention in this chapter is a personal favorite of mine. It makes discovering open S3 buckets easy and efficient. The web-based tool Grayhat Warfare allows users to find open buckets quickly with a simple query, and it also allows us to find other documents quickly by searching various file types.
Let's go over a quick example that will look for files under the packtpub.com domain.
To start, first, open your web browser and go to https://buckets.grayhatwarfare.com/:
- Next, search packtpub.com in the Keywords section of the tool. Once you have the name in the Keywords box, click Search:
Figure 4.21 – Searching packtpub.com with Grayhat Warfare
- You'll see a banner saying Results for "packtpub com". Under the banner, you will see a list of buckets. In our case, with this example, we only discovered one bucket, however, that may change over time and by the time you complete...
