Unlisted directory discovery of a web server without using bruteforce attacks
Some creator I support on SubscribeStar hosts their files on a dedicated AWS web storage server of theirs and the names are easily accessible and sometimes guessable without any kind of security or authentication. I got curious to see what else is on there and found out that using something like a directory buster would essentially guess everything, but the wordlist would take a long time to go through, possibly eat up more CPU runtime and space than I can afford, and is really noisy, which could lead to it being seen as some kind of DoS attack, which I don't want to cause.
Then that got me wondering if there is some kind of way I can discover unlisted files without having to invoke bruteforce methods; it's purely for educational purposes as I'm interested in learning the practice and methods this person uses to create their content, and about potentially finding bug bounties. No ill will is intended, I merely just wish to satisfy my curiosity without causing undue harm.
