Skip to content
/ s3Takeover Public

Automate the process of an S3 bucket subdomain takeover via dangling CNAME record

25 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

allyomalley/s3Takeover

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
s3Takeover.go
s3Takeover.go
 
 

Repository files navigation

About

Tool to automate the process of an S3 bucket takeover via CNAME - given a target domain name, it will attempt to verify the vulnerability, extract the targetted bucket name and region from the domain's CNAME record, and then create the S3 bucket in your AWS account.

Installation

Install the tool and required dependencies:

go get github.com/allyomalley/s3Takeover/...

Note that the bucket creation process uses the AWS SDK for Go - it will automatically use the credentials you have configured with the AWS CLI.

Usage

s3Takeover <Target URL>

About

Automate the process of an S3 bucket subdomain takeover via dangling CNAME record

Resources

Readme
Activity

Stars

25 stars

Watchers

3 watching

Forks

11 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages