.png)
4 years ago
191 BOOK THIS SPACE FOR AD
ARTICLE AD
we’ve developed a search engine that indexes S3 buckets and their content to help security professionals and bug bounty hunters find their way to unsecured buckets, it’s called Cloudleaks
if you’re an ethical hacker, security professional or even someone with the slightest interest in cybersecurity then you’ve probably heard of some of the major S3 leaks that happened in the last 3 years.
cloud storage buckets are becoming a major attack vector even for large corporations, corporations like Verizon, Twilio, Ford, Netflix, TD Bank or even governments where a slight misconfiguration can lead to a large data leak.
this is where Cloudleaks steps in, we’ve developed a search engine that’s indexing S3 buckets and their content at a rate of +30 million files everyday, and this figure is very likely to increase as we grow, the point is to help security and data analysts track potential data leaks, it’s also a tool that can be used by bug bounty hunters to find unsecured buckets
to help achieve that goal, we’ve put in place a list of search operators that allow filtering results by filename, filetype, size, date and sorting by size or date along with boolean logic and stopwords, and thanks to Query DSL flexibility you don’t have to worry about writing complex queries.
Bengali (Bangladesh) · 
English (United States) ·