Vulnerability Database

S3 Bucket Takeover

AWS S3 is a highly scalable, high performance cloud storage service.

Attackers can register the missing S3 buckets to host malicious content on the domain referencing it. Subdomain Takeover attacks can be used for phishing and cross-site scripting.


Remove the record referencing the bucket or register the s3 bucket itself.


  • Specifically designed for medium and large Enterprises
  • All Tools, Services, and Plans
  • Single Sign-On Integration, Single Tenant
  • Dedicated Support, Custom Integrations
  • Annual or Monthly, Fixed-cost Billing