Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.
The extension looks at all responses and will note:
- AWS S3 bucket URLs.
- Azure Storage container URLs.
- Google Storage container URLs.
The extension performs many checks as an anonymous user and authenticated user.
The extension also collects subdomains form various sources and tests for takeover.