Bucket Stream monitors certificate transparency logs to discover publicly accessible Amazon S3 buckets in real time. It listens to CertStream for new SSL certificates, extracts domain names, and tests multiple bucket name permutations to find exposed storage. Features keyword filtering with 200+ patterns organized by category (passwords, databases, configs, archives), AWS authentication support to reduce rate limiting, adjustable threading, and logging of interesting discoveries. A powerful tool for cloud security researchers and penetration testers looking to identify misconfigured S3 buckets.
git clone https://github.com/mstfknn/bucket-stream.git
# Basic scan
python bucket-stream.py
# Extended permutations with logging
python bucket-stream.py -p permutations/extended.txt \
--only-interesting --log
# Custom domain input with threads
python bucket-stream.py --source domains.txt --threads 10