Skip to content

factionsecurity/Faction-Burp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

This Burp Suite Extension allows you to integrate BurpSuite into the Faction assessment collaboration framework. Faction is fully open source and free to use.

Faction allows you to:

  1. Automate Vulnerability Reports
  2. Collaborate with other pen-testers
  3. Track Vulnerabilties to Closure

Build from Source

git clone git@github.com:factionsecurity/Faction-Burp.git
cd Faction-Burp/FactionBurp
mvn clean compile jar:jar assembly:single

image

Example Entering an XSS finding into Faction

  1. Select the request or reponse you want to include in your report and click 'add new finding' image
  2. Search for existing Vulnerability Templates and select only the part you want to include in the repoort. image
  3. Get full details of findings in burp that you and other assessors have discovered. You can even replay the request from the UI. image

Finalize the report in the Faction Web Interface: image

image

Then generate the final report image