https://github.com/factionsecurity/Faction-Burp

The Faction Burp Suite Extension

appsec burp-extensions factionsecurity hacking pentesting

Last synced: 3 months ago
README

This Burp Suite extension integrates Burp Suite with the [Faction](https://github.com/factionsecurity/faction) assessment collaboration framework. Faction is fully open source and free to use.

Faction allows you to:
1. Automate vulnerability reports
2. Collaborate with other pen-testers
3. Track vulnerabilities to closure

## Build from Source
```
git clone git@github.com:factionsecurity/Faction-Burp.git
cd Faction-Burp/FactionBurp
mvn clean compile jar:jar assembly:single
```

![image](https://github.com/factionsecurity/Faction-Burp/assets/2343831/64dd2508-4d38-41e7-ac40-617392ecd2ff)

### Example: Entering an XSS Finding into Faction
1. Select the request or response you want to include in your report and click 'add new finding'.
![image](https://github.com/factionsecurity/Faction-Burp/assets/2343831/7e39b67d-d0dd-4989-b8d6-f07e4fdc5aba)
2. Search for existing Vulnerability Templates and select only the part you want to include in the report.
![image](https://github.com/factionsecurity/Faction-Burp/assets/2343831/abfbac91-d271-4eec-9ebd-2cd4bd4e6e2f)
3. Get full details of findings in Burp that you and other assessors have discovered. You can even replay the request from the UI.
![image](https://github.com/factionsecurity/Faction-Burp/assets/2343831/f8b60d9d-d10d-4500-961c-cdde040337c8)

Finalize the report in the Faction Web Interface:
![image](https://github.com/factionsecurity/Faction-Burp/assets/2343831/3df957e8-004a-4ead-9c5f-d26d676b8cc2)

![image](https://github.com/factionsecurity/Faction-Burp/assets/2343831/ad840604-e918-4347-9b5c-c1da5c457d40)

Then generate the final report:
![image](https://github.com/factionsecurity/Faction-Burp/assets/2343831/003fd7c9-7abe-49bb-b06c-27fb4c3ce026)