https://github.com/factionsecurity/Faction-Burp
The Faction Burp Suite Extension
https://github.com/factionsecurity/Faction-Burp
appsec burp-extensions factionsecurity hacking pentesting
Last synced: 7 months ago
JSON representation
The Faction Burp Suite Extension
- Host: GitHub
- URL: https://github.com/factionsecurity/Faction-Burp
- Owner: factionsecurity
- License: mit
- Created: 2023-12-19T20:05:26.000Z (about 2 years ago)
- Default Branch: master
- Last Pushed: 2024-03-18T14:08:51.000Z (almost 2 years ago)
- Last Synced: 2024-11-18T16:57:47.636Z (about 1 year ago)
- Topics: appsec, burp-extensions, factionsecurity, hacking, pentesting
- Language: Java
- Homepage:
- Size: 620 KB
- Stars: 13
- Watchers: 2
- Forks: 2
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-burp-extensions - Faction Burp Suite Extension - This Burp Suite Extension allows you to integrate BurpSuite into the Faction assessment collaboration framework. (Tool Integration / SSRF)
README
This Burp Suite Extension allows you to integrate BurpSuite into the [Faction](https://github.com/factionsecurity/faction) assessment collaboration framework. Faction is fully open source and free to use.
Faction allows you to:
1. Automate Vulnerability Reports
2. Collaborate with other pen-testers
3. Track Vulnerabilties to Closure
## Build from Source
```
git clone git@github.com:factionsecurity/Faction-Burp.git
cd Faction-Burp/FactionBurp
mvn clean compile jar:jar assembly:single
```
### Example Entering an XSS finding into Faction
1. Select the request or reponse you want to include in your report and click 'add new finding'
2. Search for existing Vulnerability Templates and select only the part you want to include in the repoort.
3. Get full details of findings in burp that you and other assessors have discovered. You can even replay the request from the UI.
Finalize the report in the Faction Web Interface:
Then generate the final report
