Using the boto3 library for reconnaissance

Boto3 is the AWS software development kit (SDK) for Python and can be found here: https://boto3.amazonaws.com/v1/documentation/api/latest/index.html. It provides an interface to the AWS APIs, allowing us to interact with them programmatically, meaning that we can automate and control what we are trying to do in AWS. It is managed by AWS, so it is constantly updated with the latest features and offerings from AWS. It is also used on the backend of the AWS Command Line Interface (CLI), so it makes more sense for us to interact with this library than to try and run AWS CLI commands from within our code.

Because we are going to be using Python for our scripts, boto3 is the perfect option to allow us to interact with the AWS APIs. This way, we can automate our reconnaissance/information gathering phase with a lot of the extra stuff already taken care of (such as signing the HTTP requests to the AWS API). We'll be using the AWS APIs to gather information about our target account, allowing us to determine our level of access to the environment and helping us to formulate our attack plan with precision.

This section will assume that you have Python 3 installed along with the pip package manager.

Installing boto3 is as simple as running a single pip install command:

   pip3 install boto3

Now boto3 and its dependencies should be installed on your computer. If the pip3 command does not work for you, you may need to invoke pip directly through the Python command, as follows:

   python3 -m pip install boto3
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.144.48.135