API Usage

Limits

Premium Users
  • For premium users there are no limits on the results someone can go through.
  • The is however a limit on how many files you can get on each page. This limit is 1000. You can however read all the results page by page. See below documentation for details.
Registered Users
  • For free registered users, the same limits as the search apply, explained here: Packages.

Buckets

curl "https://buckets.grayhatwarfare.com/api/v1/buckets[/start[/limit]]?access_token=api-key"

Request:

  • start - buckets offset (optional)
  • limit - how many buckets to bring (optional)

Response:

  • buckets_count - how many buckets we collected
  • start - buckets offset
  • limit - how many buckets in response
  • buckets - json array with buckets (id, bucket)

Examples

Give me the first ten of buckets
Give me the second ten of buckets
Get the first 10 buckets matching the keywords "test"
List contents of bucket with id 4, starting from 0, with 100 limit.
List contents of bucket with id 4, that contains the keywords pdf starting from 0, with 100 limit.
List contents of bucket with id 4, that contains the keywords pdf in full path, starting from 0, with 100 limit.

Search Files

curl "https://buckets.grayhatwarfare.com/api/v1/files[/keywords[/start[/limit]]]?access_token=api-key[&order=size&direction=asc|desc]"

Request:

  • keywords - your query (optional)
  • start - buckets offset (optional)
  • limit - how many buckets to bring (optional)
  • sorting order=size&direction=asc or desc

Response:

  • keywords - your query
  • results - how many results we have
  • start - offset offset
  • limit - how many files in response
  • order - if specified (size)
  • direction - if specified (asc/desc)
  • files - json array with files (id, bucket, filename, fullPath, url, size)

Examples

Search for passwords (only filenames not paths.)
Search for passwords (Full-Path search, filename + paths)
Search for passwords and exclude keywords create and forgotten
Search for passwords and bring me 10 files starting from 10
Search for passwords and sort results by size in descending order

Notes

  • A little more info about the tool: How to search for Open Amazon s3 Buckets and their contents
  • Uninteresting - according to our standards - files are excluded. If you want full database contact us.
    • Excluded: jpg, png, git, tiff, jpeg, ico, css, scss, svg
    • Included: js, html. Js files could be asset/libraries or could be production code.
  • All keywords are treated as logical AND. In you want a keyword excluded you could add -keyword.
    • secret - returns all files containing secret in filename.
    • secret -html - returns all files containing secret and do not contain html in filename.
Copyright © 2018 grayhatwarfare.com All rights reserved. Hand-crafted & made with on Symfony PHP Framework