https://github.com/WithSecureOpenSource/headless-scanner-driver

A Burp Suite extension that starts scanning on requests it sees, and dumps results on standard output

headless-scanner-driver
=======================

Python Burp Suite extension for non-interactive active scanning.
Burp and Burp Suite are trademarks of Portswigger, Ltd.

Usage
-----

Load this extension into Burp Extender using the GUI. You also need to
acquire the standalone Jython interpreter (version 2.7 or newer) and
tell Burp Suite where it is. After this, it will start an active scan
for all HTTP requests that are initiated through the proxy.

WARNING: The extension will indiscriminately start active scanning against
all URIs it sees, regardless of the Burp Suite GUI Active Scanner setting.
To protect non-target sites, set a Target Scope and drop all requests that
are not in suite scope.

The extension will write JSON objects to stdout, one per line.

Run Burp Suite in headless mode using:

    java -jar -Xmx1g -Djava.awt.headless=true -XX:MaxPermSize=1G burpsuite.jar

The extension intercepts three special kinds of HTTP requests; those to
ports 1111, 1112 and 1113.

If you think this sort of in-band signaling is odd, I agree. At the
time of writing, I just could not find a well-defined way of
communicating to an extension from outside Burp.

Your client can emit HTTP requests to port 1111 to get the extension
to emit its status. The status is a JSON list of pairs of status
information, one pair per scanner instance (typically one per URL that
the extension has seen). Each status pair holds the number of findings
from that scanner instance and its completeness as a string. When all
of the instances are finished, the scan has finished.

Your client can emit an HTTP request to port 1112, which causes the
extension to dump all scanner findings and to exit cleanly.

Your client can emit an HTTP request to port 1113 to dump all scanner
findings and end all current scans. New scans can be started after this
and issues collected again at any time.
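
A sketch of the client-side handling of the port 1111 status reply described above, added here as an example (it is not code from this project or from mittn). It assumes each pair is ordered as the text lists it (findings count, then completeness string), that stdout may also carry non-JSON lines, and that the completeness strings contain words such as "finished", "abandoned" or "cancelled"; the README does not state these values, and the sample lines are constructed.

```python
import json

# Assumed completeness strings; the README only says "completeness as a string".
DONE = ("finished",)
FAILED = ("abandoned", "cancelled")


def json_lines(lines):
    """Yield decoded JSON values from stdout lines, skipping non-JSON noise."""
    for line in lines:
        line = line.strip()
        if not line or line[0] not in "[{":
            continue
        try:
            yield json.loads(line)
        except ValueError:
            continue  # a log line that merely starts with a bracket


def summarize_status(status):
    """Reduce a status reply (list of [findings, completeness] pairs)."""
    summary = {"instances": 0, "findings": 0, "running": 0, "failed": 0}
    for pair in status:
        if not isinstance(pair, list) or len(pair) != 2:
            raise ValueError("unexpected status entry: %r" % (pair,))
        findings, completeness = pair
        text = str(completeness).lower()
        summary["instances"] += 1
        summary["findings"] += int(findings)
        if any(word in text for word in FAILED):
            summary["failed"] += 1  # scanner stopped early: coverage gap
        elif not any(word in text for word in DONE):
            summary["running"] += 1
    # An empty list means no request has been seen yet, not that a scan is done.
    summary["complete"] = summary["instances"] > 0 and summary["running"] == 0
    return summary


# Constructed sample of what a client might read from Burp's stdout.
SAMPLE_STDOUT = [
    "Proxy service started",  # constructed non-JSON noise
    '[[0, "42% complete"], [2, "finished"]]',
    '[[1, "finished"], [2, "finished"], [0, "abandoned - too many errors"]]',
]

if __name__ == "__main__":
    for reply in json_lines(SAMPLE_STDOUT):
        print(summarize_status(reply))
```

A non-zero `failed` count with zero findings should not be reported as a clean result, since that scanner instance did not finish its checks.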

For examples of how to use this from Python, see
https://github.com/F-Secure/mittn/blob/master/mittn/headlessscanner/

Bugs
----

Please report bugs to the GitHub project tracker or just send a patch
as a pull request.

Other queries can be sent via email to [email protected].