Vulnerability Database

S3 Bucket Takeover

AWS S3 is a highly scalable, high performance cloud storage service.

Attackers can register the missing S3 buckets to host malicious content on the domain referencing it. Subdomain Takeover attacks can be used for phishing and cross-site scripting.


Remove the record referencing the bucket or register the s3 bucket itself.


  • All Tools, Services, and Plans
  • Suitable For Enterprises
  • Single Sign-On Integration, Single Tenant
  • Dedicated Support, Custom Integrations
  • Annual or Monthly, Fixed-cost Billing