Skip to content

A Python based Recon Tool to search for Storage Buckets

License

Notifications You must be signed in to change notification settings

MayankPandey01/OwnBucket

Repository files navigation

🤔 What's OwnBucket?

OwnBucket is a Python Based Recon tool for Storage Buckets. It scans for AWS S3 Bucket, Azure Storage Blob and GCP Buckets by bruteforcing using different permutations.

🚀 Usage

OwnBucket can be easily used from the command line

  • python3 ownbucket.py -t {COMPANY}

Screenshot 2023-01-04 150553

Additional Arguments can be passed to use tool in different way:

  • -t : To Provide a Company Name for Scanning
  • --aws : Only Check for AWS S3 Buckets (Default)
  • --gcp : Only Check for GCP Buckets
  • --azure : Only Check for Azure Storage Blob
  • --all : Check for both AWS S3 and GCP Buckets

Sometimes the tool reaches the rate limit while scanning S3 buckets, to prevent this from happening no_of_workers are reduced to 10 , If you increase this it will result in true-negatives or will give no result at all. Kepping less numbers of threads may drastically increase the total execution time of the scanner, but gives better results.

🔧Installation

🔨 Using Git

  • git clone https://github.com/MayankPandey01/OwnBucket
  • python3 ownbucket.py -h

🧪 Recommended Python Version:

  • This Tool Only Supports Python 3.
  • The recommended version for Python 3 is 3.8.x.

⛳ Dependencies:

The dependencies can be installed using the requirements file:

Installation on Windows:

  • python.exe -m pip3 install -r requirements.txt.

Installation on Linux:

  • sudo python3 pip3 install -r requirements.txt.

🐞 Bug Bounties

This tool is focused mainly on Bug Bounty Hunters and Security Professionals . You Can Use OwnBucket to Scan For Different Storage Buckets of the Target Company.

🎯 Contribution PRs Welcome

We Love to Get Contribution from the Open Source Community💙. You are Welcome to Provide your Important Suggestions to make this tool more Awesome. Open a PR and we will See to it ASAP.

Ways to contribute

  • Suggest a feature
  • Report a bug
  • Fix something and open a pull request
  • Spread the word

📚 DISCLAIMER

This project is a personal development. Please respect its philosophy and don't use it for evil purposes. By using OwnBucket, you agree to the MIT license included in the repository. For more details at The MIT License — OpenSource.

Happy Hacking ✨✨

This Tool is Highly Motivated by LazyS3

📃 Licensing

This project is licensed under the MIT license.