This blog is only for educational and ethical OSINT purposes. Author is not responsible for any misuse!

🔖 Read from Part 1

🌐 Site: zoomeye.ai

1️⃣ Cloudflare R2 Buckets

http.body=".r2.dev" && http.body="pub-"

32K results

None
None

2️⃣ AWS S3 Bucket

http.body="ListBucketResult"
None
None

Bugcrowd Triaged Report

None

P4 Bug in HealthCare Company🏥

ow I found bug in a billion dollar HealthCare Companyo

osintteam.blog

 
http.body="NoSuchBucket" && app="Amazon Web Services"
None

Detect based on Server Response Headers

banner="amazons3"
banner="x-amz-id"
banner="x-amz-request-id"
banner="x-amz-bucket-region"

3️⃣ IBM Cloud Object Storage

http.body="cloud-object-storage.appdomain.cloud"
None

4️⃣ Alibaba Cloud Object Storage Service

http.body="oss-cn-" && http.body="aliyuncs.com"
None

5️⃣ Exposed MongoDB Info

http.body="mongodb.net"
http.body="Backend version main working properly at"
http.body="mongodb+srv://"
None
None

⏳ Target Filtering

existing_dork && domain="example.com"
existing_dork && hostname="example.com"
existing_dork && ssl.cert.subject.cn="example.com"
existing_dork && org="org name"
existing_dork && cidr="x.x.x.x/x"
existing_dork && asn="target asn number"

👉 Learn Advanced Shodan Dorking

👉 Learn Advanced FOFA Dorking

© 2025 Medium Copyright AbhirupKonwar All rights reserved.