S3 Burp Suite extensions
Burp Suite is a tool commonly used for web application testing. We aren't going to get deep into the details of how Burp Suite works; for more details, please stop by the PortSwigger website: https://portswigger.net/burp.
With an enormous number of available extensions, Burp is becoming more and more widely used by pentesters and application security engineers, and it can now be used by cloud security professionals to test their environments. We are going to take a look at an extension called aws-extender. The extension allows you to scan for misconfigurations in S3 buckets.
Before we begin, we need to ensure we have the most up-to-date Python package installed.
Download it here: https://github.com/jythontools/jython.
Now let's move forward and retrieve a copy of the tool:
- Start by retrieving a copy of the package:
$ git clone https://github.com/jythontools/jython.git
Follow the instructions provided on the website and...