reddit hackernews mail facebook facebook linkedin


Performs passive scan to identify buckets and test them for publicly accessible vulnerabilities.

The extension looks at all responses and will note:
- AWS S3 bucket URLs.
- Azure Storage container URLs.
- Google Storage container URLs.

The extension performs many checks as an anonymous user and authenticated user.

The extension also collects subdomains form various sources and tests for takeover.