CloudHunter is a potent reconnaissance tool for discovering and investigating security vulnerabilities in cloud storage buckets across providers. The tool's objective is to identify and display the permissions for potentially problematic buckets, giving users important information about the security of cloud storage setups.


CloudHunter is a powerful reconnaissance tool crafted for the purpose of identifying and assessing security weaknesses within cloud storage containers on prominent cloud service platforms like AWS, Azure, Alibaba, and Google Cloud. Its primary goal is to uncover and organize permissions for containers that may be vulnerable, providing valuable information about the security state of cloud storage setups.




CloudHunter offers versatile usage options to adapt to different scenarios and target platforms:

Basic Usage:


Custom Permutations:


Specify Target Services:


Crawling a Website:


Write Test for Read Rights:



  • -p, --permutations-file file: Provide a file with bucket name permutations.
  • -s, --services aws,google,azure,alibaba: Specify the cloud services to target.
  • -w, --write-test: Enable a write test to determine read permissions when the other techniques fail.
  • -r, --resolvers file: Provide a file containing DNS resolvers.
  • -t, --threads num: Set the number of threads to run concurrently.
  • -c, --crawl-deep num: Set how many pages to crawl beyond the first.
  • -b, --base-only: Check only the base name; do not generate permutations.
  • -d, --disable-bruteforce: Disable brute-force discovery.
  • -v, --verbose: Enable verbose logging.
  • -o, --open-only: Show only open buckets.

Output Example

When CloudHunter runs, it produces comprehensive output listing the endpoints, services, and permissions found for each target, giving a broad view of cloud storage bucket security.
