{"id":13580022,"url":"https://github.com/belane/CloudHunter","last_synced_at":"2025-04-06T00:30:37.985Z","repository":{"id":44413860,"uuid":"210582381","full_name":"belane/CloudHunter","owner":"belane","description":"AWS, Azure, Alibaba and Google bucket scanner","archived":false,"fork":false,"pushed_at":"2023-08-25T13:23:10.000Z","size":85,"stargazers_count":144,"open_issues_count":0,"forks_count":30,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-01T01:17:20.550Z","etag":null,"topics":["alibaba","aws","azure","bucket","bugbounty","fuzzer","google-cloud","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/belane.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-09-24T11:08:37.000Z","updated_at":"2025-03-08T10:43:22.000Z","dependencies_parsed_at":"2024-01-07T18:09:26.837Z","dependency_job_id":null,"html_url":"https://github.com/belane/CloudHunter","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/belane%2FCloudHunter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/belane%2FCloudHunter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/belane%2FCloudHunter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/belane%2FCloudHunter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/belane","download_url":"https://codeload.github.com/belane/CloudHunter/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247419597,"owners_count":20936009,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alibaba","aws","azure","bucket","bugbounty","fuzzer","google-cloud","security-tools"],"created_at":"2024-08-01T15:01:46.179Z","updated_at":"2025-04-06T00:30:37.641Z","avatar_url":"https://github.com/belane.png","language":"Python","readme":"# CloudHunter\nLooks for AWS, Azure, Alibaba and Google cloud storage buckets and lists permissions for vulnerable buckets.\n\n## Usage\n\n` python3 cloudhunter.py --permutations-file permutations-big.txt COMPANY_NAME `\n\n` python3 cloudhunter.py --services aws,alibaba COMPANY_NAME `\n\n` python3 cloudhunter.py --threads 50 http://example.com `\n\n` python3 cloudhunter.py --write-test -s alibaba --open-only http://example.com `\n\n\n### Help\n\n```bash\nusage: cloudhunter.py [-h] [-p file] [-s aws,google,azure,alibaba] [-w] [-r file] [-t num] [-c num] [-b] [-d] [-v] [-o] input\n\npositional arguments:\n  input                          Company name, url or any base name.\n\noptions:\n  -h, --help                     show this help message and exit\n  -p, --permutations-file file   Permutations file.\n  -s, --services aws,google,azure,alibaba   Specifies target services.\n  -w, --write-test               Enable write test to read rights when other methods fail.\n  -r, --resolvers file           DNS resolvers file.\n  -t, --threads num              Threads.\n  -c, --crawl-deep num           How many pages to crawl after the first.\n  -b, --base-only                Checks only the base name, skips permutations generation.\n  -d, --disable-bruteforce       Disable discovery by brute force.\n  -v, --verbose                  Verbose log.\n  -o, --open-only                Show only open buckets.\n```\n\n\n## Output\n\n```bash\n python3 cloudhunter.py -t 10 http://example.com\n\n           ________                ____  __            __\n          / ____/ /___  __  ______/ / / / /_  ______  / /____  _____\n         / /   / / __ \\/ / / / __  / /_/ / / / / __ \\/ __/ _ \\/ ___/\n        / /___/ / /_/ / /_/ / /_/ / __  / /_/ / / / / /_/  __/ /\n        \\____/_/\\____/\\__,_/\\__,_/_/ /_/\\__,_/_/ /_/\\__/\\___/_/\n\n\n[\u003e] Crawling http://example.com ...\n[\u003e] 61 possible endpoints found\n    Azure Cloud           https://dmpcdn.files-example/cdn               PRIVATE\n    Google Cloud          http://demo-site.org                           OPEN      Redirect https://demo-site.org/\n    Google Cloud          https://other.net                              OPEN\n\n[\u003e] Bruteforce 1591 name permutations.\n\n[+] Check Google Cloud\n    Google Storage        example.storage.googleapis.com                 PRIVATE\n    Google Storage        example-attachments.storage.googleapis.com     OPEN      AllUsers [LR]\n    Google Storage        example-backups.storage.googleapis.com         PRIVATE\n    Google Storage        examplestorage.storage.googleapis.com          OPEN      AllUsers [LRWV]\n    Google Storage        examplestore.storage.googleapis.com            PRIVATE\n    Google App Engine     example.bigtable.appspot.com                   OPEN      WebApp Error\n    Google App Engine     example.beta.appspot.com                       OPEN\n    Google App Engine     example.data-private.appspot.com               OPEN      Redirect https://accounts.google.com/ServiceLogin\n\t...\n[+] Check Amazon Cloud\n    AWS Bucket            examplefiles.s3.amazonaws.com                  OPEN      LIST\n    AWS Bucket            finance-example.s3.amazonaws.com               PRIVATE\n    AWS Bucket            examplejs.s3.amazonaws.com                     OPEN      gmantri [F] | AllUsers [RW]\n    AWS Bucket            example-logs.s3.amazonaws.com                  PRIVATE\n    AWS Bucket            example.media.s3.amazonaws.com                 OPEN      zectroxity [RW] | AllUsers [R]\n    AWS Bucket            exampleresources.s3.amazonaws.com              PRIVATE\n    AWS Bucket            s3-example.s3.amazonaws.com                    OPEN      develop [F] | AuthenticatedUsers [F] | df99361a [F]\n    AWS Bucket            exampleshop.s3.amazonaws.com                   PRIVATE\n    AWS Bucket            example-web.s3.amazonaws.com                   OPEN      42cf2125 [F]\n\t...\n[+] Check Alibaba Cloud\n    Alibaba Bucket        example-admin.oss-cn-hangzhou.aliyuncs.com     PRIVATE\n    Alibaba Bucket        example-data.oss-cn-beijing.aliyuncs.com       OPEN      WRITE\n    Alibaba Bucket        exampledemo.oss-cn-beijing.aliyuncs.com        OPEN      root [RW] | AllUsers [R]\n    Alibaba Bucket        demo-example.oss-cn-shanghai.aliyuncs.com      PRIVATE\n    Alibaba Bucket        example-demo.oss-cn-shenzhen.aliyuncs.com      OPEN      LIST\n\t...\n[+] Check Azure Cloud\n    Storage Files         example.file.core.windows.net                  PRIVATE\n    App Management        example-demo.blob.core.windows.net             PRIVATE\n    App Azure             githubexample.blob.core.windows.net            OPEN\n    App Azure             exampletest.azurewebsites.net                  PRIVATE\n    App Azure             jira-example.azurewebsites.net                 OPEN      Redirect https://jira-example.azurewebsites.net/\n    App Azure             examplestats.azurewebsites.net                 OPEN\n    Databases-MSSQL       example-project.database.windows.net           DOMAIN\n    Email                 example.mail.protection.outlook.com            DOMAIN\n    SharePoint            example.sharepoint.com                         PRIVATE   Redirect https://example.sharepoint.com/\n\t...\n```\n\n## Disclaimer\n\nThis tool provided is intended for legal and ethical use only. Any unauthorized or malicious use of this tool is strictly prohibited and may result in legal actions. The developers of this tool are not responsible for any misuse or damage caused by the tool. Use this tool at your own risk and with discretion and always obtain proper authorization before using this tool on any system or network that you do not own or have legal permission to test. The \"write-test\" option performs intrusive operations to determine bucket rights, use only with explicit authorization.\n\n\n## Thanks\n\n- [@brianwarehime](https://github.com/brianwarehime) ([inSp3ctor](https://github.com/brianwarehime/inSp3ctor))\n- [@SpenGietz](https://github.com/SpenGietz) ([GCPBucketBrute](https://github.com/RhinoSecurityLabs/GCPBucketBrute))\n- [@kfosaaen](https://github.com/kfosaaen) ([MicroBurst](https://github.com/NetSPI/MicroBurst))\n- [@PatrikHudak](https://github.com/PatrikHudak) ([second-order](https://gist.github.com/PatrikHudak/2006c50a694cc76ead705c91805df78b))\n","funding_links":[],"categories":["Python","Cloud Platform Attack Tools"],"sub_categories":["Malware Analysis Books"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbelane%2FCloudHunter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbelane%2FCloudHunter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbelane%2FCloudHunter/lists"}