diff --git a/docs/background/automation.md b/docs/background/automation.md index 1f43437..c4db0ec 100644 --- a/docs/background/automation.md +++ b/docs/background/automation.md @@ -9,7 +9,6 @@ And there are several developers who have already done this and made their exten One of the most popular extensions for running Burp headless is [Carbonator]. By giving it a target scope, it spiders the scope and performs a scan and a HTML report is generated at the end. However, we wanted more! - We wanted JUnit like output in Jenkins and a failed build whenever any vulnerabilities were found. And we also wanted the possibility to flag false positives. That is after a potential security hole has been found and reported, you investigate it in your code and find that no way this can happen, you want to configure this so that it will not be reported on the next run. And just performing a scan on a target doesnt really give that much in our javascript web application world today by reasons I’ll get back to later. So we also had to be able to automatically proxy the application to build that sitemap. diff --git a/docs/background/background.md b/docs/background/background.md index c8e3bf5..5e24736 100644 --- a/docs/background/background.md +++ b/docs/background/background.md 
@@ -12,7 +12,4 @@ This happens in the very end, making any findings risky to fix and have severe r We also have a limited pool of security experts, and may in some cases have a long wait ahead of us before pen-test can be performed. -And we are the lucky ones. We have security experts testing our code. We all know that this is not the case for a lot of web-applications out there. Some have to hire expensive consultants and some doesnt do any security testing at all. - - -# tl;dr; +And we are the lucky ones. We have security experts testing our code. We all know that this is not the case for a lot of web-applications out there. Some have to hire expensive consultants and some doesnt do any security testing at all. \ No newline at end of file diff --git a/docs/background/burp.md b/docs/background/burp.md index d579306..30b4af8 100644 --- a/docs/background/burp.md +++ b/docs/background/burp.md @@ -8,4 +8,4 @@ The spider can then be used as a tool to crawl through the rest of the applicati This site map built by the proxy and spider is then what the scanner uses to test your application for vulnerabilities. It performs this test by automatically attack your site using a number of known hacking techniques, and reports back to you any security issues it finds. -And these are the three tools we wanted to automate in our PoC. \ No newline at end of file +And these are the three tools we wanted to automate in our PoC. \ No newline at end of file diff --git a/docs/background/our-goal.md b/docs/background/our-goal.md index 6688e9a..162c221 100644 --- a/docs/background/our-goal.md +++ b/docs/background/our-goal.md 
@@ -4,4 +4,7 @@ We wanted the security-testing to become an integrated part of our development. To make sure it would be a natural part of the development we wanted to move into the delivery pipeline as an automated job. -Our security experts recommended [Burp](https://portswigger.net/burp/) as the best tool available for the job and this is the reason why we selected this over [OWASP ZAP](https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project). \ No newline at end of file +Our security experts recommended [Burp Suite] as the best tool available for the job and this is the reason why we selected this over [OWASP Zed Attack Proxy]. + +[Burp Suite]: https://portswigger.net/burp/ +[OWASP Zed Attack Proxy]: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project \ No newline at end of file diff --git a/docs/user-guide/burp-extensions/headless-burp-proxy.md b/docs/user-guide/burp-extensions/headless-burp-proxy.md index 620ad76..15653da 100644 --- a/docs/user-guide/burp-extensions/headless-burp-proxy.md +++ b/docs/user-guide/burp-extensions/headless-burp-proxy.md @@ -1,5 +1,5 @@ Headless Burp Proxy -===================== +=================== Provides an extension to Burp that allows you to run, stop and capture results from the Burp proxy tool in headless mode. 
@@ -12,37 +12,45 @@ Provides an extension to Burp that allows you to run, stop and capture results f On *nix: - java -Xmx1G -Djava.awt.headless=true \ - -classpath headless-burp-proxy-master-SNAPSHOT-jar-with-dependencies.jar:burpsuite_pro_v1.7.31.jar burp.StartBurp \ - --project-file=project.burp +``` +java -Xmx1G -Djava.awt.headless=true \ +-classpath headless-burp-proxy-master-SNAPSHOT-jar-with-dependencies.jar:burpsuite_pro_v1.7.31.jar burp.StartBurp \ +--project-file=project.burp +``` On Cygwin: - - java -Xmx1G -Djava.awt.headless=true \ - -classpath "headless-burp-proxy-master-SNAPSHOT-jar-with-dependencies.jar;burpsuite_pro_v1.7.31.jar" burp.StartBurp \ - --project-file=project.burp + +``` +java -Xmx1G -Djava.awt.headless=true \ +-classpath "headless-burp-proxy-master-SNAPSHOT-jar-with-dependencies.jar;burpsuite_pro_v1.7.31.jar" burp.StartBurp \ +--project-file=project.burp +``` #### Commandline Options - --project-file=VAL Open the specified project file; this will be created as a new project if the file does not exist (mandatory) - --proxyPort VAL Proxy port - --shutdownPort VAL Shutdown port - --shutdownKey VAL Shutdown key - -p (--prompt) Indicates whether to prompt the user to confirm the shutdown (useful for debugging) - -v (--verbose) Enable verbose output - - --diagnostics Print diagnostic information - --use-defaults Start with default settings - --collaborator-server Run in Collaborator server mode - --collaborator-config=VAL Specify Collaborator server configuration file; defaults to collaborator.config - --config-file=VAL Load the specified project configuration file(s); this option may be repeated to load multiple files - --user-config-file=VAL Load the specified user configuration file(s); this option may be repeated to load multiple files - --auto-repair Automatically repair a corrupted project file specified by the --project-file option +``` +--project-file=VAL Open the specified project file; this will be created as a new project if the file 
does not exist (mandatory) +--proxyPort VAL Proxy port +--shutdownPort VAL Shutdown port +--shutdownKey VAL Shutdown key +-p (--prompt) Indicates whether to prompt the user to confirm the shutdown (useful for debugging) +-v (--verbose) Enable verbose output + +--diagnostics Print diagnostic information +--use-defaults Start with default settings +--collaborator-server Run in Collaborator server mode +--collaborator-config=VAL Specify Collaborator server configuration file; defaults to collaborator.config +--config-file=VAL Load the specified project configuration file(s); this option may be repeated to load multiple files +--user-config-file=VAL Load the specified user configuration file(s); this option may be repeated to load multiple files +--auto-repair Automatically repair a corrupted project file specified by the --project-file option +``` ### Stop Burp Proxy - echo SHUTDOWN >> /dev/tcp/127.0.0.1/4444 - or - echo SHUTDOWN | netcat 127.0.0.1 4444 - or - echo SHUTDOWN | ncat 127.0.0.1 4444 +``` +echo SHUTDOWN >> /dev/tcp/127.0.0.1/4444 +or +echo SHUTDOWN | netcat 127.0.0.1 4444 +or +echo SHUTDOWN | ncat 127.0.0.1 4444 +``` \ No newline at end of file
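Review bot: In docs/background/automation.md (hunk @@ -9,7 +9,6), the removed blank line sits between "However, we wanted more!" and "We wanted JUnit like output in Jenkins ..."; check that one blank line still separates the two, otherwise Markdown renders them as a single paragraph. If the intent was only to collapse a double blank line, the change is fine as it stands.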
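Review bot: In docs/background/background.md (hunk @@ -12,7 +12,4), the re-added last line still reads "some doesnt do any security testing at all"; since the line is being rewritten anyway, change it to "some don't do any security testing at all". The file now also ends without a trailing newline (`\ No newline at end of file`), so add one to keep the next append from showing up as a change to this sentence.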
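Review bot: In docs/background/burp.md (hunk @@ -8,4 +8,4), the removed and added last lines read identically and both are still followed by `\ No newline at end of file`, so the visible effect is at most a whitespace change. If this is cleanup, add the missing trailing newline in the same commit; otherwise drop the hunk to keep the diff free of no-op changes.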
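Review bot: In the "Stop Burp Proxy" block of docs/user-guide/burp-extensions/headless-burp-proxy.md (hunk @@ -12,37 +12,45), the two "or" lines now sit inside the code fence, so pasting the block runs `or` as a command; split it into three fenced blocks with "or" as prose between them. The examples also hard-code the string SHUTDOWN and port 4444 without tying them to the `--shutdownKey` and `--shutdownPort` options listed just above. State whether these are the defaults, and recommend a non-default `--shutdownKey` on shared build agents, since the examples show that anything able to reach the port and send the key stops the proxy. Smaller points: the new fences carry no language tag, and the continuation lines of the two java commands lost their indentation, which makes the line continuations harder to read.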