Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/yandex/burp-molly-scanner
Turn your Burp suite into headless active web application vulnerability scanner
https://github.com/yandex/burp-molly-scanner
automated-testing burp-extensions security vulnerability-scanners
Last synced: about 1 month ago
JSON representation
Turn your Burp suite into headless active web application vulnerability scanner
- Host: GitHub
- URL: https://github.com/yandex/burp-molly-scanner
- Owner: yandex
- License: other
- Created: 2017-11-14T16:07:17.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2018-03-01T10:09:21.000Z (almost 7 years ago)
- Last Synced: 2024-08-04T04:05:43.963Z (4 months ago)
- Topics: automated-testing, burp-extensions, security, vulnerability-scanners
- Language: Java
- Homepage:
- Size: 66.4 KB
- Stars: 154
- Watchers: 9
- Forks: 26
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - yandex/burp-molly-scanner - Turn your Burp suite into headless active web application vulnerability scanner (Java)
README
# Burp-molly-scanner
# Overview
The main goal of Burp-molly-scanner is to extend Burp and turn it into headless active scanner.
# Usage
* Build fat jar with Maven
* Rewrite burp_molly_config.json
* Put path to config in MOLLY_CONFIG Environment variable
* Run Burp Suite in console `java -jar burpsuite_pro.jar`
* Add Plugin in Extender Tab (once)
* Run scanner in headless mode (see run.sh)
* Parse resulting XML report
* Integrate it to your security pipeline
# Contributing
Contributions to Burp-molly-scanner are always welcome! You can help us in different ways:
* Open an issue with suggestions for improvements and errors you're facing;
* Fork this repository and submit a pull request;
* Improve the documentation.