Boto3 is the AWS software development kit (SDK) for Python and can be found here: https://boto3.amazonaws.com/v1/documentation/api/latest/index.html. It provides an interface to the AWS APIs, allowing us to interact with them programmatically, meaning that we can automate and control what we are trying to do in AWS. It is managed by AWS, so it is constantly updated with the latest features and offerings from AWS. It is also used on the backend of the AWS Command Line Interface (CLI), so it makes more sense for us to interact with this library than to try and run AWS CLI commands from within our code.
Because we are going to be using Python for our scripts, boto3 is the perfect option to allow us to interact with the AWS APIs. This way, we can automate our reconnaissance/information gathering phase with a lot of the extra stuff already taken care of (such as signing the HTTP requests to the AWS API). We'll be using the AWS APIs to gather information about our target account, allowing us to determine our level of access to the environment and helping us to formulate our attack plan with precision.
Installing boto3 is as simple as running a single pip install command:
pip3 install boto3
Now boto3 and its dependencies should be installed on your computer. If the pip3 command does not work for you, you may need to invoke pip directly through the Python command, as follows:
python3 -m pip install boto3