Usage

Buckets

curl "https://buckets.grayhatwarfare.com/api/v1/buckets[/start[/limit]]?access_token=api-key"

Request:

  • start - buckets offset (optional)
  • limit - how many buckets to bring (optional)

Response:

  • buckets_count - how many buckets we collected
  • start - buckets offset
  • limit - how many buckets in response
  • buckets - json array with buckets (id, bucket)

Search Files

curl "https://buckets.grayhatwarfare.com/api/v1/files[/keywords[/start[/limit]]]?access_token=api-key[&order=size&direction=asc|desc]"

Request:

  • keywords - your query (optional)
  • start - buckets offset (optional)
  • limit - how many buckets to bring (optional)
  • sorting order=size&direction=asc or desc

Response:

  • keywords - your query
  • results - how many results we have
  • start - offset offset
  • limit - how many files in response
  • order - if specified (size)
  • direction - if specified (asc/desc)
  • files - json array with files (id, bucket, filename, fullPath, url, size)

Examples

Give me the first ten of buckets

curl "https://buckets.grayhatwarfare.com/api/v1/buckets/0/10?access_token={apiKey}"

Give me the second ten of buckets

curl "https://buckets.grayhatwarfare.com/api/v1/buckets/10/10?access_token={apiKey}"

Search for passwords

curl "https://buckets.grayhatwarfare.com/api/v1/files/password?access_token={apiKey}"

Search for passwords and exclude keywords create and forgotten

curl "https://buckets.grayhatwarfare.com/api/v1/files/password -create -forgotten/0/10?access_token={apiKey}"

Search for passwords and bring me 190 files starting from 10

curl "https://buckets.grayhatwarfare.com/api/v1/files/password/10/10?access_token={apiKey}"

Search for passwords and sort results by size in descending order

curl "https://buckets.grayhatwarfare.com/api/v1/files/password?access_token={apiKey}&order=size&direction=desc"

Notes

  • A little more info about the tool: How to search for Open Amazon s3 Buckets and their contents
  • Uninteresting - according to our standards - files are excluded. If you want full database contact us.
    • Excluded: jpg, png, git, tiff, jpeg, ico, css, scss, svg
    • Included: js, html. Js files could be asset/libraries or could be production code.
  • All keywords are treated as logical AND. In you want a keyword excluded you could add -keyword.
    • secret - returns all files containing secret in filename.
    • secret -html - returns all files containing secret and do not contain html in filename.
Copyright © 2018 grayhatwarfare.com All rights reserved. Hand-crafted & made with on Symfony PHP Framework