Significant number of false positives in S3 buckets

[ojensen5115]

I just ran this tool against my own organization's website, and the results are pretty stupefyingly accurate. However, when it comes to S3 buckets, it found the following:

• allinoneseo.s3.eu-central-1.amazonaws.com
• app.paragonone.com.s3.us-east-2.amazonaws.com
• appstaging.paragonone.com.s3.us-east-2.amazonaws.com
• files.designone.co.uk.s3.eu-west-2.amazonaws.com
• dev.designone.co.uk.s3-eu-west-1.amazonaws.com
• paragonone.com.s3.us-east-2.amazonaws.com
• sianoneill.s3.eu-west-2.amazonaws.com
• nanonets.s3.amazonaws.com
• nationone.s3.amazonaws.com
• nonetorun.s3.amazonaws.com
• testplanone.s3.amazonaws.com
• inonedev.s3.amazonaws.com
• downtownone.s3.amazonaws.com
• pordenonelegge.s3.amazonaws.com
• fashionone.s3.amazonaws.com

We do not use any S3 buckets, so I would have expected this list to be empty. I have never heard of any of these S3 buckets.

[wery67564]

I got the same buckets pulled on a different search.

[superhedgy]

@ojensen5115 Indeed there is an issue with the GrayHatWarfare API results. I am looking into it tonight.

[ConorDSherman]

I can confirm what @ojensen5115 is seeing. I am getting almost identical results. Issues appears to still be active

[superhedgy]

Fixed with the latest release. I am also planning to add another option, so you can manually search for keywords.