Data Discovery

How to find sensitive data.

Cloud Bucket Checker

Using this cloud Bucket checker from Grayhat Warfare, you can search millions of cloud buckets that may be associated with the entity you are testing. This may allow you to find sensitive data.

For example, if your client is ACME, it is likely that their buckets may be named zyx-application-acme.

So search Grayhat Warfare for "ACME":

https://buckets.grayhatwarfare.com/

Metadata Finder

Search for documents (and metadata) in a domain using Search Engines (Google, Bing and Baidu).

https://github.com/Josue87/MetaFinder

metafinder -d -l 20 -o lol

PreviousSubdomain Discovery NextPort & Service Discovery

Last updated 5 months ago