id: aws-object-listing info: name: AWS bucket with Object listing author: pdteam severity: low reference: - https://mikey96.medium.com/cloud-based-storage-misconfigurations-critical-bounties-361647f78a29 tags: aws,misconfig,bucket requests: - method: GET path: - "{{BaseURL}}" max-size: 1000 matchers-condition: and matchers: - type: word part: body words: - '([a-z0-9-._]+)'