Cloud Service Hunting is a script that automatically searches for publicly exposed/vulnerable cloud service providers only by combining several open source tools using the bash language.
- Subdomain Enumeration (Subfinder, AssetFinder, Amass)
- HTTP Probe (httpx)
- Permutation Domain Cloud (cloud_enum)
- Find Domain Cloud on JavaScript (Katana, SecretFinder, rush)
- Parsing Only Cloud Service Domain (GoCloud)
- Exploitation with nuclei (Nuclei)
- Dorking
Before entering the step below. Make sure your Linux has python3.+ and golang installed.
- Clone Cloud Service Hunting From git
git clone https://github.com/Rozan312/Cloud-Service-Hunting.git
- Change the directory
cd Cloud-Service-Hunting
- Change Permission install.sh & CloudShunting.sh
chmod +x install.sh CloudShunting.sh
- Install Dependencies Tools and Custom Script
./install.sh
- Done !!!
If you already have some of the tools needed in this Cloud Service Hunting script. You can make changes in the CloudShunting.sh or install.sh script file to reduce the impact of the error given.
- Just run the command
./CloudShunting.sh
(This script is still very simple. In the future, it will always be updated in terms of features or output information received.)