An open-source programme called BlobHunter is used to search Azure blob storage accounts for publicly available blobs. BlobHunter, a vital tool for locating improperly configured containers hosting sensitive data within Azure subscriptions, was created as a component of the "Hunting Azure Blobs Exposes Millions of SensitiveFiles" investigation.

BlobHunter is an open-source utility created to scan Azure blob storage accounts and pinpoint publicly accessible blobs. It was developed in conjunction with the "Hunting Azure Blobs Exposes Millions of Sensitive Files" research project and serves as a vital instrument for detecting inadequately configured containers that house sensitive data in Azure subscriptions.


  • Python     3.5+
  • Azure     CLI
  • Packages     listed in requirements.txt
  • Azure     user with one of the following built-in roles:
  • Owner
  • Contributor
  • Storage      Account Contributor
  • Or      any Azure user with a role allowing specific Azure actions.




Run the tool with:



Full Demo

Table of Contents: