SSS3 is a simple S3 Bucket testing software. It uses aws cli to search for public buckets in a list of domains/subdomains.


Simple Storage Scanner

License: GPL v3

Basic Requirements

  • It requires aws cli installed and configured with a s3 policy defined
  • You should have a list of previous enumerated domains/subdomains


  • Iterates a list of domains/subdomains
  • Tests if a domain/subdomain respond to a bucket and if its permissions for listing are enabled
  • Export the result of listing of buckets found


Clone the repository, give +x to script and be happy SSS3 requires AWS CLI to run.

$ git clone
$ chmod +x
$ ./ domain.txt -o output.txt

Usage example

You could start enumerating a domain using Amass

$ amass enum -d -o domains-example-com.txt
$ ./ domains-example-com.txt -o output-example-com.txt



Want to contribute? Great! Please send your PR for us and we’ll be greateful for your help.


I am grateful for some articles that motivated me to creat that tool

Sidechannel Article by Rodrigo Montoro

Rhynosec Article for Pentesting S3

Thanks for using and help to share please

Free Software, Hell Yeah!