AWS cURL Command

This extension allows users to generate AWS-signed curl commands from HTTP requests. It simplifies the process of testing and reproducing AWS API requests on the command line with valid AWS Signature Version 4 headers.

Features

• Generates fully signed AWS curl commands from selected HTTP requests
• Supports AWS Signature Version 4
• Automatically includes required headers such as Authorization and x-amz-date
• Copies the signed command to the clipboard for easy use

Usage

1. Ensure you have valid AWS credentials configured in your environment (e.g., via environment variables or AWS CLI config).
2. In Burp Suite, right-click on an HTTP request and choose "Generate AWS cURL Command" from the context menu.
3. The extension will sign the request using your credentials and copy a ready-to-use curl command to your clipboard.
4. Paste and run the command in your terminal to send the signed request using curl.

Examples

The general structure of these commands can be seen below.

AWS cURL

awscurl --service <service> --region us-east-1 \\
    -X GET \\
    -H Host: <host> \\
    -H Accept-Encoding: gzip, deflate, br \\
    -H User-Agent: <User-Agent> \\
    -H X-Amz-Date: <date> \\
    -H X-Amz-Security-Token: <Token> \\
    -d {<data>} \\
    <Endpoint-URL>

cURL with SigV4

curl https://endpoint \\
    --user $AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY \\
    -H x-amz-security-token: $AWS_SESSION_TOKEN \\
    --aws-sigv4 aws:amz:<region>:<service> \\
    -H User-Agent: <User-Agent> \\
    -H Accept: application/json, \\
    -H Accept-Language: en-US,en;q=0.5 \\
    -H Accept-Encoding: gzip, deflate, br \\
    -H Content-Type: application/json \\
    -H Origin: * \\
    -H Content-Length: 457 \\
    --data {<data>}