blacklanternsecurity / bbot

A recursive internet scanner for hackers.
https://www.blacklanternsecurity.com/bbot/
GNU General Public License v3.0
4.19k stars, 381 forks

Module Idea: Dastardly #895

Closed domwhewell-sage closed 7 months ago

domwhewell-sage commented 8 months ago

Description

Hi, would you be open to a PR for dastardly?

This would provide coverage of web application vulnerabilities: reflected XSS, CORS, Vulnerable JS, Content type not specified, Multiple Content Types, HTML Charset and duplicate cookies.

I am also investigating an OWASP ZAP module but have found dastardly to be more accurate on the above vulnerabilities.

TheTechromancer commented 8 months ago

Hmm, this is an interesting idea. I am open to a dastardly module, however I'm hesitant to add a dependency on java, as the installation is unwieldy and can be problematic for the host system. @liquidsec may also have input here.

What is your vision for implementing it? How would it work with the python/bbot module system?

domwhewell-sage commented 8 months ago

Hi, thanks for getting back to me. It would be implemented as a deadly module much like nuclei is. It outputs an XML file which can be parsed. Each finding comes with detail of the request/response that indicated the vulnerability, which may have to be put into a separate file like the gowitness screenshots.

I don't think they distribute the java binary on its own; on the site, if you select platform independent, it prompts you to use a docker command to run it.

    docker run --user $(id -u) --rm -v $(pwd):/dastardly -e \
    BURP_START_URL=https://ginandjuice.shop -e \
    BURP_REPORT_FILE_PATH=/dastardly/dastardly-report.xml \
    public.ecr.aws/portswigger/dastardly:latest

During the dependency setup this could be accounted for by using deps_apt to install docker.io and deps_ansible to pull the docker image into the cache. Running the command would probably have to prompt for sudo as the user may not be in the docker_users group.
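
As an added example (not BBOT's module and not code from this issue), here is how the report-parsing step described above could look in Python. It assumes the Dastardly report is JUnit-style XML with one testsuite per scanned site and a failure element per finding; the sample report below is constructed for illustration.

```python
"""Parse a Dastardly-style JUnit XML report into findings a BBOT module could emit.
Assumption: testsuite per scanned site, testcase per check, <failure> only on hits."""
import re
import xml.etree.ElementTree as ET

# Constructed sample report; the layout is an assumption, not output of a real scan.
SAMPLE_REPORT = """<testsuites>
  <testsuite name="https://ginandjuice.shop" tests="3" failures="2">
    <testcase name="Cross-site scripting (reflected)" classname="https://ginandjuice.shop/search">
      <failure message="Reflected XSS in parameter 'term'" type="Error">Request/response detail here</failure>
    </testcase>
    <testcase name="Content type is not specified" classname="https://ginandjuice.shop/">
      <failure message="Response lacks Content-Type" type="Error">More detail</failure>
    </testcase>
    <testcase name="Cookie scoped to parent domain" classname="https://ginandjuice.shop/"/>
  </testsuite>
</testsuites>
"""


def parse_report(xml_text):
    """Return one dict per failing testcase; passing testcases carry no finding."""
    findings = []
    root = ET.fromstring(xml_text)
    for suite in root.iter("testsuite"):
        for case in suite.iter("testcase"):
            failure = case.find("failure")
            if failure is None:
                continue  # check ran clean, nothing to report
            findings.append({
                "host": suite.get("name"),
                "url": case.get("classname") or suite.get("name"),
                "name": case.get("name"),
                "description": failure.get("message", ""),
                # request/response evidence, kept apart from the event data
                "detail": (failure.text or "").strip(),
            })
    return findings


def detail_filename(finding):
    """Safe file name for storing one finding's request/response detail on disk,
    mirroring how screenshot-style evidence is written to a separate file."""
    raw = f"{finding['url']} {finding['name']}"
    raw = re.sub(r"^https?://", "", raw)
    return re.sub(r"[^A-Za-z0-9.-]+", "_", raw).strip("_").lower() + ".txt"


if __name__ == "__main__":
    for f in parse_report(SAMPLE_REPORT):
        print(f["url"], "->", f["name"], "|", detail_filename(f))
```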

TheTechromancer commented 7 months ago

Closing as this module has been merged 👍