Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bypass GuardDuty Pentest Findings for the AWS CLI - Botocore method. #453

Open
jchrisfarris opened this issue Feb 21, 2025 · 2 comments
Open

Bypass GuardDuty Pentest Findings for the AWS CLI - Botocore method. #453

jchrisfarris opened this issue Feb 21, 2025 · 2 comments

Comments

@jchrisfarris
Copy link

You can override the user-agent (to bypass GuardDuty Kali detections) with the botocore.config.Config option.
@Frichetten
Copy link
Contributor

Hey hey 👋 This is for the AWS SDK, right? Are you able to change this with the CLI?

@saw-your-packet
Copy link
Contributor

I played with this a bit and I managed to make it work to a certain point. First, yes, the limitation is that this applies only to the SDK. Second, whatever user agent you sent, the boto3 SDK will append at the end "Boto3/Python" or a similar string (can't remember exactly the string value).

This is cool for writing your own scripts, but if you plan to use the tool of others, I would recommend the Burp Suite approach because modifying existing tools might break stuff.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Frichetten @jchrisfarris @saw-your-packet