Active Members Fi8sVrs Posted August 8, 2017 Active Members Report Share Posted August 8, 2017 (edited) burpa: Burp Automator A Burp Suite Automation Tool with Slack Integration Requirements burp-rest-api Burp Suite Professional slackclient Usage: python burpa.py -h ################################################### __ / /_ __ ___________ ____ _ / __ \/ / / / ___/ __ \/ __ `/ / /_/ / /_/ / / / /_/ / /_/ / /_.___/\__,_/_/ / .___/\__,_/ /_/ burpa version 0.1 / by 0x4D31 ################################################### usage: burpa.py [-h] [-a {scan,proxy-config}] [-pP PROXY_PORT] [-aP API_PORT] [-rT {HTML,XML}] [-r {in-scope,all}] [--include-scope [INCLUDE_SCOPE [INCLUDE_SCOPE ...]]] [--exclude-scope [EXCLUDE_SCOPE [EXCLUDE_SCOPE ...]]] proxy_url positional arguments: proxy_url Burp Proxy URL optional arguments: -h, --help show this help message and exit -a {scan,proxy-config}, --action {scan,proxy-config} -pP PROXY_PORT, --proxy-port PROXY_PORT -aP API_PORT, --api-port API_PORT -rT {HTML,XML}, --report-type {HTML,XML} -r {in-scope,all}, --report {in-scope,all} --include-scope [INCLUDE_SCOPE [INCLUDE_SCOPE ...]] --exclude-scope [EXCLUDE_SCOPE [EXCLUDE_SCOPE ...]] TEST: $ python burpa.py http://127.0.0.1 --action proxy-config ################################################### __ / /_ __ ___________ ____ _ / __ \/ / / / ___/ __ \/ __ `/ / /_/ / /_/ / / / /_/ / /_/ / /_.___/\__,_/_/ / .___/\__,_/ /_/ burpa version 0.1 / by 0x4D31 ################################################### [+] Checking the Burp proxy configuration ... [-] Proxy configuration needs to be updated [+] Updating the Burp proxy configuration ... [-] Proxy configuration updated $ python burpa.py http://127.0.0.1 --action scan --include-scope http://testasp.vulnweb.com ################################################### __ / /_ __ ___________ ____ _ / __ \/ / / / ___/ __ \/ __ `/ / /_/ / /_/ / / / /_/ / /_/ / /_.___/\__,_/_/ / .___/\__,_/ /_/ burpa version 0.1 / by 0x4D31 ################################################### [+] Retrieving the Burp proxy history ... [-] Found 4 unique targets in proxy history [+] Updating the scope ... [-] http://testasp.vulnweb.com included in scope [+] Active scan started ... [-] http://testasp.vulnweb.com Added to the scan queue [-] Scan in progress: %100 [+] Scan completed [+] Scan issues for http://testasp.vulnweb.com: - Issue: Robots.txt file, Severity: Information - Issue: Cross-domain Referer leakage, Severity: Information - Issue: Cleartext submission of password, Severity: High - Issue: Frameable response (potential Clickjacking), Severity: Information - Issue: Password field with autocomplete enabled, Severity: Low - Issue: Cross-site scripting (reflected), Severity: High - Issue: Unencrypted communications, Severity: Low - Issue: Path-relative style sheet import, Severity: Information - Issue: Cookie without HttpOnly flag set, Severity: Low - Issue: File path traversal, Severity: High - Issue: SQL injection, Severity: High [+] Downloading HTML/XML report for http://testasp.vulnweb.com [-] Scan report saved to /tmp/burp-report_20170807-235135_http-testasp.vulnweb.com.html [+] Burp scan report uploaded to Slack Download burpa-master.zip Source: https://github.com/0x4D31/burpa Edited August 8, 2017 by Fi8sVrs 1 5 Quote Link to comment Share on other sites More sharing options...
