Skip to content
July 13, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Data
    • CVE Watchtower
    • Top Exploited CVEs
    • CVE Stats by Vendor
    • Q2 2026 Report
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • News
  • Technology
  • BuckHacker: a search engine that find hackable servers
  • Technology

BuckHacker: a search engine that find hackable servers

Do Son February 20, 2018 3 minutes read
BuckHacker
Add Daily CyberSecurity as a preferred source on Google

A new service aimed specifically at white hat hackers has been launched and a project called Buckhacker has created a Google-like search engine that discovers businesses inadvertently by browsing servers exposed to the Internet Leaked sensitive data that allows any user to search for non-secure data stored on Amazon Amazon Web Services (AWS) server buckets.

In fact, there has been a flood of data breaches in the past 2017, with many of the world’s leading companies storing customer and business data on AWS servers without password protection, which means that anyone who knows the exact address of a bucket can associate it Content to visit.

Accenture, WWE, AA, Dow Jones, and even the U.S. National Security Agency have all experienced server configuration errors and were blamed by public opinion for not following the most basic security protocols.

Often, these discoveries require a wide search by publicly available security research groups of publicly accessible servers on the Internet. Buckhacker significantly simplifies this process by allowing users to search AWS lists by using bucket names or file names that may be relevant to the target business. The developers of the project say it is about raising awareness of security rather than helping potential hacker groups.

Although the tool is not designed to be high, it does collect the results and store the information stored in the database for other users to see. Developers in the interview explained that “the goal of this project is to raise awareness of the security buckets, many businesses now suffer due to errors in the management of the bucket. The project is still in its infancy (we are trying to repair one of them some bugs).”

The Buckhacker project was not the first such tool until tools such as AWSBucketDump had allowed users to maliciously find out to expose AWS buckets; Google users could even visit specific server addresses if they knew exactly what to search for. However, Buckhacker is noteworthy because it is probably the easiest-to-use, user-friendly tooling available to date.

Mike Xu Richter, vice president of product management at Bitglass Security, said: “As attackers have easy access to this discovery tool, ensuring that the enterprise infrastructure is not open to the public should be one of the basic principles that must be followed by enterprise IT departments.”

At the same time as the new tool was unveiled, 119,000 U.S. Federal Express customers were also found to have leaked details including home addresses, e-mail addresses, and user’s driver’s license and passport details.

Mr. Richter said the courier company was just another grizzled victim of huge amounts of wealth and deep security but falling into the trap of the same basic but grave mistake.

Amazon pointed out in November 2017 that it will introduce default encryption for all new AWS servers that could theoretically prevent the recurrence of such a leak. However, users need to apply this encryption feature manually to all existing buckets, meaning that data stored on servers unknown to the business is still under serious threat.

Researchers have already realized the existence of this new tool on the Amazon site.

However, in this time,

Sorry guys, we are going offline for maintenance. We went online with the alpha version to early.

— BuckHacker (@thebuckhacker) February 14, 2018

Get Zero-Hour Vulnerability Alerts

Critical CVEs, CVSS scores, and PoC updates — straight to your inbox every week.


We respect your inbox. Unsubscribe anytime.

Related coverage

  • The Master and the Disciple: Inside Apple’s “Exceedingly Rare” Pact to Rebuild Siri with Google Gemini
  • Copilot for Gaming: Microsoft Begins Beta Testing AI Assistant for Xbox
  • IBM Unveils “Quantum Starling”: World’s First Large-Scale Fault-Tolerant Quantum Computer by 2029
  • 3DMark Arrives Natively on macOS: Unleash & Benchmark Your Apple Silicon Performance
  • France and Germany will jointly submit Bitcoin regulatory advice to the G20
Track all actively exploited CVEs →

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: BuckHacker

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-1207CVSS 5.4
    An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on...
    Admin intel📅 Updated: Jul 10, 2026
  • CVE-2026-48939CVSS 10.0
    A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-56291CVSS 10.0
    The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-56271CVSS 9.8
    Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses weak hardcoded default...
  • CVE-2026-56260CVSS 9.1
    Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker...
  • CVE-2026-61447CVSS 10.0
    PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_python() that...
  • CVE-2026-61445CVSS 9.9
    PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in...
  • CVE-2026-60090CVSS 9.8
    PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the...
  • CVE-2026-57827CVSS 10.0
    The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload...
  • CVE-2026-57828CVSS 9.0
    The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file...
  • CVE-2026-14480CVSS 9.9
    OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the...
  • CVE-2026-20744CVSS 9.8
    The charging station websocket endpoint accepts connections without proper authentication, which could...
  • CVE-2026-57807CVSS 9.8
    Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Top Exploited CVEs
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • DCMA
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • CVE Watchtower
    • CVE Statistics by Vendor 2026
    • Q2 2026 Report
    • Top Exploited CVEs
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.