{"id":10170,"date":"2020-04-09T21:43:06","date_gmt":"2020-04-09T16:13:06","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=10170"},"modified":"2020-04-09T21:43:06","modified_gmt":"2020-04-09T16:13:06","slug":"sandcastle","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/sandcastle\/","title":{"rendered":"Sandcastle : A Python Script For AWS S3 Bucket Enumeration"},"content":{"rendered":"\n<p>Inspired by a conversation with Instacart&#8217;s @nickelser on HackerOne, I&#8217;ve optimized and published Sandcastle \u2013 a Python script for AWS S3 bucket enumeration, formerly known as bucketCrawler.<\/p>\n\n\n\n<p>The script takes a target&#8217;s name as the stem argument (e.g. <code><strong>shopify<\/strong><\/code>) and iterates through a file of bucket name permutations, such as the ones below:<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">-training <br>-bucket <br>-dev <br>-attachments <br>-photos <br>-elasticsearch [&#8230;] <\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Getting Started<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Here&#8217;s how to get started:<\/strong><ul><li>Clone this repo (PyPi distribution temporarily disabled).<\/li><li>Run <code><strong>sandcastle.py<\/strong><\/code> with a target name and input file (grab an example from this repo)<\/li><li>Matching bucket permutations will be identified, and read permissions tested.<\/li><\/ul><\/li><\/ul>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>Usage:<\/strong> sandcastle.py [-h] -t targetStem [-f inputFile]<br><strong>Arguments:<\/strong><br>-h, &#8211;help show this help message and exit<br>-t targetStem, &#8211;target targetStem<br>Select a target stem name (e.g. &#8216;shopify&#8217;)<br>-f inputFile, &#8211;file inputFile<br>Select a bucket permutation file (default: bucket-<br>names.txt)<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">&gt;&gt;S3 bucket enumeration \/\/ release v1.2.4 \/\/ ysx<br>&gt;&gt;[*] Commencing enumeration of &#8216;shopify&#8217;, reading 138 lines from &#8216;bucket-names.txt&#8217;.<br>&gt;&gt;[+] Checking potential match: shopify-content &#8211;&gt; 403<br>&gt;&gt;An error occurred (AccessDenied) when calling the ListObjects operation: Access Denied<\/p>\n\n\n\n<p class=\"has-text-align-center\"><strong>Also Read &#8211; <a href=\"https:\/\/kalilinuxtutorials.com\/mssql-injection\/\" target=\"_blank\" rel=\"noreferrer noopener\">MSSQLi-DUET : MSSQL Injection-based Domain User Enumeration Tool<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Status Codes &amp; Testing<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-table is-style-stripes\"><table><thead><tr><th>Status code<\/th><th>Definition<\/th><th>Notes<\/th><\/tr><\/thead><tbody><tr><td>404<\/td><td>Bucket Not Found<\/td><td>Not a target for analysis (hidden by default)<\/td><\/tr><tr><td>403<\/td><td>Access Denied<\/td><td>Potential target for analysis via the CLI<\/td><\/tr><tr><td>200<\/td><td>Publicly Accessible<\/td><td>Potential target for analysis via the CLI<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>AWS CLI Commands<\/strong><\/p>\n\n\n\n<p>Here&#8217;s a quick reference of some useful AWS CLI commands:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>List Files: <code><strong>aws s3 ls s3:\/\/bucket-name<\/strong><\/code><\/li><li>Download Files: <code><strong>aws s3 cp s3:\/\/bucket-name\/&lt;file&gt; &lt;destination&gt;<\/strong><\/code><\/li><li>Upload Files: <code><strong>aws s3 cp\/mv test-file.txt s3:\/\/bucket-name<\/strong><\/code><\/li><li>Remove Files: <code><strong>aws s3 rm s3:\/\/bucket-name\/test-file.txt<\/strong><\/code><\/li><\/ul>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>What is S3?<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>From the Amazon <a href=\"https:\/\/docs.aws.amazon.com\/AmazonS3\/latest\/dev\/UsingBucket.html\" target=\"_blank\" rel=\"noreferrer noopener\">documentation<\/a>, Working with Amazon S3 Buckets:<\/li><li>Amazon S3 [Simple Storage Service] is cloud storage for the Internet. To upload your data (photos, videos, documents etc.), you first create a bucket in one of the AWS Regions. You can then upload any number of objects to the bucket.<\/li><li>In terms of implementation, buckets and objects are resources, and Amazon S3 provides APIs for you to manage them.<\/li><\/ul>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Closing Remarks<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>This is my first public security project. Sandcastle is published under the MIT License.<\/li><li>Usage acknowledgements:<ul><li><strong>Castle (icon) by Andrew Doane from the Noun Project<\/strong><\/li><li><strong>Nixie One (logo typeface) free by Jovanny Lemonad<\/strong><\/li><\/ul><\/li><\/ul>\n\n\n\n<div class=\"wp-block-buttons aligncenter is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-background has-vivid-cyan-blue-background-color\" href=\"https:\/\/github.com\/0xSearches\/sandcastle\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Inspired by a conversation with Instacart&#8217;s @nickelser on HackerOne, I&#8217;ve optimized and published Sandcastle \u2013 a Python script for AWS S3 bucket enumeration, formerly known as bucketCrawler. The script takes a target&#8217;s name as the stem argument (e.g. shopify) and iterates through a file of bucket name permutations, such as the ones below: -training -bucket [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16222,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png","fifu_image_alt":"Sandcastle : A Python Script For AWS S3 Bucket Enumeration","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[305,2684,2912,2913,2929],"class_list":["post-10170","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-aws","tag-python-script","tag-s3","tag-s3-bucket","tag-sandcastle"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Sandcastle : A Python Script For AWS S3 Bucket Enumeration<\/title>\n<meta name=\"description\" content=\"Inspired by a conversation with Instacart&#039;s @nickelser on HackerOne, I&#039;ve optimized and published Sandcastle \u2013 a Python script for AWS S3 bucket enumeration\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/sandcastle\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Sandcastle : A Python Script For AWS S3 Bucket Enumeration\" \/>\n<meta property=\"og:description\" content=\"Inspired by a conversation with Instacart&#039;s @nickelser on HackerOne, I&#039;ve optimized and published Sandcastle \u2013 a Python script for AWS S3 bucket enumeration\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/sandcastle\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-09T16:13:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"Sandcastle : A Python Script For AWS S3 Bucket Enumeration\",\"datePublished\":\"2020-04-09T16:13:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/\"},\"wordCount\":364,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png\",\"keywords\":[\"AWS\",\"Python Script\",\"S3\",\"S3 Bucket\",\"Sandcastle\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/\",\"name\":\"Sandcastle : A Python Script For AWS S3 Bucket Enumeration\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png\",\"datePublished\":\"2020-04-09T16:13:06+00:00\",\"description\":\"Inspired by a conversation with Instacart's @nickelser on HackerOne, I've optimized and published Sandcastle \u2013 a Python script for AWS S3 bucket enumeration\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/sandcastle\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/sandcastle\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Sandcastle : A Python Script For AWS S3 Bucket Enumeration","description":"Inspired by a conversation with Instacart's @nickelser on HackerOne, I've optimized and published Sandcastle \u2013 a Python script for AWS S3 bucket enumeration","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/sandcastle\/","og_locale":"en_US","og_type":"article","og_title":"Sandcastle : A Python Script For AWS S3 Bucket Enumeration","og_description":"Inspired by a conversation with Instacart's @nickelser on HackerOne, I've optimized and published Sandcastle \u2013 a Python script for AWS S3 bucket enumeration","og_url":"https:\/\/kalilinuxtutorials.com\/sandcastle\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2020-04-09T16:13:06+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/sandcastle\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/sandcastle\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"Sandcastle : A Python Script For AWS S3 Bucket Enumeration","datePublished":"2020-04-09T16:13:06+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/sandcastle\/"},"wordCount":364,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/sandcastle\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png","keywords":["AWS","Python Script","S3","S3 Bucket","Sandcastle"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/sandcastle\/","url":"https:\/\/kalilinuxtutorials.com\/sandcastle\/","name":"Sandcastle : A Python Script For AWS S3 Bucket Enumeration","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/sandcastle\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/sandcastle\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png","datePublished":"2020-04-09T16:13:06+00:00","description":"Inspired by a conversation with Instacart's @nickelser on HackerOne, I've optimized and published Sandcastle \u2013 a Python script for AWS S3 bucket enumeration","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/sandcastle\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/sandcastle\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-7bz2H6k5fiI\/Xos7ncirNFI\/AAAAAAAAF2A\/y-SYA_tf24g4BNftyKObVVcwRVUjjWgPgCLcBGAsYHQ\/s1600\/sandcastle.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":10280,"url":"https:\/\/kalilinuxtutorials.com\/lunar\/","url_meta":{"origin":10170,"position":0},"title":"Lunar : A Lightweight Native DLL Mapping Library","author":"R K","date":"April 17, 2020","format":false,"excerpt":"Lunar is a lightweight native DLL mapping library that supports mapping directly from memory. Features Imports and delay imports are resolvedRelocations are performedImage sections are mapped with the correct page protectionException handlers are initialisedA security cookie is generated and initialisedDLL entry point and TLS callbacks are called Getting Started The\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10485,"url":"https:\/\/kalilinuxtutorials.com\/skywrapper\/","url_meta":{"origin":10170,"position":1},"title":"SkyWrapper : Tool To Discover Suspicious Creation Forms","author":"R K","date":"May 5, 2020","format":false,"excerpt":"SkyWrapper is an open-source project which analyzes behaviors of temporary tokens created in a given AWS account. The tool is aiming to find suspicious creation forms and uses of temporary tokens to detect malicious activity in the account. The tool analyzes the AWS account, and creating an excel sheet includes\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":35734,"url":"https:\/\/kalilinuxtutorials.com\/awesomeuserfinder\/","url_meta":{"origin":10170,"position":2},"title":"AWeSomeUserFinder : Harnessing AWS IAM For Username Enumeration And Password Security","author":"Varshini","date":"January 23, 2025","format":false,"excerpt":"AWS IAM Username Enumerator and Password Spraying Tool in Python3 In order to use the tool with the UpdateAssumeRolePolicy method, the IAM user account utilized must have the following permissions attached: \"iam:GetRole\" \"iam:CreatePolicy\" \"iam:UpdateAssumeRolePolicy\" \"iam:CreateRole\" \"iam:AttachRolePolicy\" An example policy is included in the files named \"example_assume_role_policy.json\" in the example_policies directory.\u2026","rel":"","context":"In &quot;Hacking Tools&quot;","block_context":{"text":"Hacking Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/hacking-tools\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/AWeSomeUserFinder-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/AWeSomeUserFinder-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/AWeSomeUserFinder-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/AWeSomeUserFinder-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/AWeSomeUserFinder-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/AWeSomeUserFinder-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":8842,"url":"https:\/\/kalilinuxtutorials.com\/s3enum\/","url_meta":{"origin":10170,"position":3},"title":"S3enum : Fast Amazon S3 Bucket Enumeration Tool For Pentesters","author":"R K","date":"February 6, 2020","format":false,"excerpt":"S3enum is a tool to enumerate a target's Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don't hit AWS directly. Go go get github.com\/koenrh\/s3enum Also Read - PythonAESObfuscate : Obfuscates a Python Script & Accompanying Shellcode Usage You need to specify the\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":28810,"url":"https:\/\/kalilinuxtutorials.com\/thundercloud\/","url_meta":{"origin":10170,"position":4},"title":"ThunderCloud : Cloud Exploit Framework","author":"R K","date":"April 19, 2023","format":false,"excerpt":"ThunderCloud is a Cloud Exploit Framework. Usage python3 tc.py -h _______ _ _ _____ _ _ |__ __| | | | \/ ____| | | | | | | |__ _ _ _ __ __| | ___ _ __| | | | ___ _ _ __| | | | |\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgPmvFDKg8UXPdSgsgmdnTnmiaVlp-1akIdYvSDGll_KLKZfiacoB0VG-Y16t74HmN5gTL-ZclhaRi97exi_jmsGuYQUtColFab86xjtYoQrS3XLjgCY3nhTJE2ftHcob7SauTJJpHiLabHPBtrvzKv7Wi4VN7NmJtfWxrQwrnZPTok7Z5U0qda-gMo\/s728\/kali%20temp%285%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgPmvFDKg8UXPdSgsgmdnTnmiaVlp-1akIdYvSDGll_KLKZfiacoB0VG-Y16t74HmN5gTL-ZclhaRi97exi_jmsGuYQUtColFab86xjtYoQrS3XLjgCY3nhTJE2ftHcob7SauTJJpHiLabHPBtrvzKv7Wi4VN7NmJtfWxrQwrnZPTok7Z5U0qda-gMo\/s728\/kali%20temp%285%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgPmvFDKg8UXPdSgsgmdnTnmiaVlp-1akIdYvSDGll_KLKZfiacoB0VG-Y16t74HmN5gTL-ZclhaRi97exi_jmsGuYQUtColFab86xjtYoQrS3XLjgCY3nhTJE2ftHcob7SauTJJpHiLabHPBtrvzKv7Wi4VN7NmJtfWxrQwrnZPTok7Z5U0qda-gMo\/s728\/kali%20temp%285%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgPmvFDKg8UXPdSgsgmdnTnmiaVlp-1akIdYvSDGll_KLKZfiacoB0VG-Y16t74HmN5gTL-ZclhaRi97exi_jmsGuYQUtColFab86xjtYoQrS3XLjgCY3nhTJE2ftHcob7SauTJJpHiLabHPBtrvzKv7Wi4VN7NmJtfWxrQwrnZPTok7Z5U0qda-gMo\/s728\/kali%20temp%285%29.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":9789,"url":"https:\/\/kalilinuxtutorials.com\/awsgen-py-aws-s3-bucket-name-generator-beta-v\/","url_meta":{"origin":10170,"position":5},"title":"AWSGen.py : AWS S3 Bucket Name Generator (beta v.)","author":"R K","date":"March 19, 2020","format":false,"excerpt":"AWSGen.py\u00a0is a simple tool for generates permutations, alterations and mutations of AWS S3 Buckets Names Also Read - Betwixt : Web Debugging Proxy Based On Chrome Devtools Network Panel Example: Download","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/10170","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=10170"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/10170\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16222"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=10170"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=10170"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=10170"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}