Skip to content
AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

AWS Extender

AWS Extender is a BurpSuite extension to identify and test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues using the boto/boto3 SDK library.

Getting Started

For general instructions on how to load BurpSuite extensions, please visit this URL.

Installing Dependencies

Both of boto and boto3 are required. You can install them using pip:

$ pip install -r requirements.txt

Custom Environment Settings

  1. Open the BurpSuite Extender tab.
  2. Click "Options".
  3. Set the "Folder for loading modules" setting to the path of your Python installation's site-packages directory.

Extension Settings

The settings tab provides the following settings:

Settings Tab

Below is a description of each:

Setting Description Required
AWS Access Key Your AWS account access key ID True
AWS Secret Key Your AWS account secret key True
AWS Session Key A temporary session token False
GS Access Key Your Google account access key ID True
GS Secret Key Your Google account secret key True
Wordlist Filepath A filepath to a list of filenames False
Passive Mode Perform passive checks only N/A


  • AWS keys can be obtained from your AWS Management Console. For Google Cloud, see the documentation.

  • The extension will still provide minimal functionality (e.g., identifying buckets) even if none of the above requirements are satisfied.


S3 Bucket Misconfiguration

S3 Signed URL Excessive Expiration Time

GS Bucket Misconfiguration

You can’t perform that action at this time.