random-robbie/mass-s3-bucket-tester external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

random-robbie/mass-s3-bucket-tester

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/random-robbie/mass-s3-bucket-tester)

Close

random-robbie / mass-s3-bucket-testerView on GitHubMore

• External links
• Readme badge

This tests a list of s3 buckets to see if they have dir listings enabled or if they are uploadable

☆55Dec 10, 2025Updated 3 months ago

Alternatives and similar repositories for mass-s3-bucket-tester

Users that are interested in mass-s3-bucket-tester are comparing it to the libraries listed below

• random-robbie / AWS-Scanner

  View on GitHub
  Scans a list of websites for Cloudfront or S3 Buckets
  ☆110Oct 28, 2025Updated 4 months ago
• 0xspade / s3cario

  View on GitHub
  ☆16May 3, 2021Updated 4 years ago
• cybercdh / cnames

  View on GitHub
  take a list of resolved subdomains and output any corresponding CNAMES en masse.
  ☆18Jan 29, 2026Updated last month
• abuvanth / kicks3

  View on GitHub
  S3 bucket finder from html,js and bucket misconfiguration testing tool
  ☆34Feb 10, 2020Updated 6 years ago
• random-robbie / bugbountydork

  View on GitHub
  Bug Bounty Dork
  ☆72Feb 14, 2022Updated 4 years ago
• k4mpr3t / web-for-pentester-I

  View on GitHub
  Web for Pentester I
  ☆11Sep 21, 2018Updated 7 years ago
• hpy / permDNS

  View on GitHub
  A rewrite of the popular altDNS subdomain tool by @infosec-au
  ☆12Feb 28, 2019Updated 7 years ago
• codewatchorg / Burp-AnonymousCloud

  View on GitHub
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆48Jan 11, 2023Updated 3 years ago
• cybercdh / dirlstr

  View on GitHub
  Finds Directory Listings or open S3 buckets from a list of URLs
  ☆52Dec 1, 2021Updated 4 years ago
• Naategh / dom-red

  View on GitHub
  Small script to check a list of domains against open redirect vulnerability
  ☆29Jan 22, 2022Updated 4 years ago
• honeydbio / honeydb-python

  View on GitHub
  HoneyDB Python Module
  ☆14Feb 6, 2024Updated 2 years ago
• ameenmaali / qsinject

  View on GitHub
  qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.
  ☆30May 6, 2020Updated 5 years ago
• random-robbie / angularjs-csti-scanner

  View on GitHub
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
  ☆11Dec 14, 2025Updated 3 months ago
• destine21 / ZIPFileRaider

  View on GitHub
  ZIP File Raider - Burp Extension for ZIP File Payload Testing
  ☆72Aug 31, 2020Updated 5 years ago
• visualbasic6 / google-drive-infoleak

  View on GitHub
  patched information leak leaking full names associated with some email addresses including but not limited to gmail
  ☆37Mar 13, 2021Updated 5 years ago
• shivsahni / NSBrute

  View on GitHub
  Python utility to takeover domains vulnerable to AWS NS Takeover
  ☆86Feb 2, 2023Updated 3 years ago
• wish-i-was / femida

  View on GitHub
  Automated blind-xss search for Burp Suite
  ☆285Oct 10, 2019Updated 6 years ago
• rudSarkar / T1tl3

  View on GitHub
  A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title
  ☆12Oct 16, 2019Updated 6 years ago
• starhackerz / toriprotate

  View on GitHub
  Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.
  ☆20Jun 20, 2022Updated 3 years ago
• khast3x / CloudScraper

  View on GitHub
  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
  ☆11Oct 29, 2018Updated 7 years ago
• arbazkiraak / BurpBLH

  View on GitHub
  Broken Link Hijacking Burp Extension
  ☆57Sep 13, 2019Updated 6 years ago
• random-robbie / All-in-One-WP-Migration-Backup-Finder

  View on GitHub
  All-in-One WP Migration-Backup-Finder
  ☆15Nov 5, 2025Updated 4 months ago
• kiranreddyrebel / PostMessage_Fuzz_Tool

  View on GitHub
  #BugBounty #BugBounty Tools #WebDeveloper Tool
  ☆38May 17, 2025Updated 10 months ago
• hahwul / s3reverse

  View on GitHub
  The format of various s3 buckets is convert in one format. for bugbounty and security testing.
  ☆87May 6, 2023Updated 2 years ago
• hipotermia / vaya-ciego-nen

  View on GitHub
  Detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
  ☆39Jan 20, 2023Updated 3 years ago
• nashcontrol / bounty-monitor

  View on GitHub
  Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains …
  ☆224Dec 7, 2022Updated 3 years ago
• sudobyter-hub / Hun2race

  View on GitHub
  Hun2race is an automated report generation tool designed for bug hunters and penetration testers.
  ☆14Sep 17, 2024Updated last year
• bfuzzy / ThreatHunter-Playbook

  View on GitHub
  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
  ☆14Jul 18, 2018Updated 7 years ago
• dariusztytko / jwt-key-id-injector

  View on GitHub
  Simple python script to check against hypothetical JWT vulnerability.
  ☆51Nov 29, 2020Updated 5 years ago
• nccgroup / s3_objects_check

  View on GitHub
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆78Mar 4, 2022Updated 4 years ago
• pentestgeek / burpcommander

  View on GitHub
  Ruby command-line interface to Burp Suite's REST API
  ☆58Apr 1, 2020Updated 5 years ago
• subzero987 / Github_Dorks_Tips

  View on GitHub
  This is GitHub_Dorks and some tips i collect from different resources.Recon_Api is tip when you find token or api without knowing what to…
  ☆21Sep 15, 2021Updated 4 years ago
• eur0pa / goGetBucket

  View on GitHub
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆26Dec 12, 2018Updated 7 years ago
• anshumanbh / tko-subs

  View on GitHub
  A tool that can help detect and takeover subdomains with dead DNS records
  ☆772Jan 3, 2021Updated 5 years ago
• BountyMachine / about

  View on GitHub
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆34Nov 17, 2018Updated 7 years ago
• JordyZomer / autoSubTakeover

  View on GitHub
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆134Aug 14, 2023Updated 2 years ago
• chrispetrou / pypentesting

  View on GitHub
  python tools to assist in penetration testing
  ☆14Jan 19, 2026Updated 2 months ago
• zidekmat / graphql_beautifier

  View on GitHub
  Burp Suite extension to help make Graphql request more readable
  ☆32Dec 7, 2017Updated 8 years ago
• random-robbie / open-redirect

  View on GitHub
  Open Redirect Finder.
  ☆52Nov 8, 2025Updated 4 months ago