“The purpose of the project is to increase the awareness on bucket security, too many companies was [sic] hit for having wrong permissions on buckets in the last years,” one of the anonymous developers of BuckHacker, told Motherboard in an email. Users can search the hackable servers either by bucket name, which may include company or organization name, or filename. Basically, BuckHacker collects bucket names and index pages, breaks down the results and stores it in a database that can be searched by others. Besides returning results for exposed servers, it also returns the entries labeled “Access Denied” and “The specified deposit does not exist”. “The project is still in a really super alpha stage (there are several bugs at the moment that we try to fix),” the BuckHacker developer added. “I was sharing the project privately with some friends but unfortunately then we go public before the time. Actually we are even thinking to shutdown it because is quite unstable.” The search engine has now been taken offline, with the developers behind BuckHacker site saying on Twitter: “Sorry guys, we are going offline for maintenance. We went online with the alpha version too early.” Source: Motherboard
