[link]https://github.com/PortSwigger/autowasp[/link]
[tags]burpsuite,logs,owasp[/tags]
[short_descr]A one-stop pentesting checklist and logger tool.[/short_descr]
[long_descr]Welcome to Autowasp, a Burp Suite extension that integrates Burp issues logging, with OWASP Web Security Testing Guide (WSTG), to provide a streamlined web security testing flow for the modern-day penetration tester! This tool will guide new penetration testers to understand the best practices of web application security and automate OWASP WSTG checks.
Currently, Autowasp supports the following functionnalities:
Testing Checklist - Be guided by OWASP!
With the ability to fetch the OWASP WSTG checklist, Autowasp aims to aid new penetration testers in conducting penetration testing or web application security research. The testing checklist tab will extract useful information such as:
Summary of OWASP WSTG test cases
How to test – black/white box testing
Relevant testing tools to aid your test
Relevant testing tools to aid your test
Logger Tool - Log down the Vulns!
Autowasp Logger tab gives penetration testers the ability to extract and consolidate Burp Scanner issues. This extender tool will automate and flag vulnerable network traffic issues, allowing users to send vulnerable proxy items from Burp’s proxy, intruder and repeater tab to the extender. These vulnerable issues can then be mapped to WSTG IDs and be used to generate an Excel report upon engaging in a penetration test.on test.[/long_descr]
[image]https://raw.githubusercontent.com/gwen001/offsectools_www/main/a25244792dd0da07382a3555a721aa8a.png[/image]
[link]https://github.com/PortSwigger/autowasp[/link] [tags]burpsuite,logs,owasp[/tags] [short_descr]A one-stop pentesting checklist and logger tool.[/short_descr] [long_descr]Welcome to Autowasp, a Burp Suite extension that integrates Burp issues logging, with OWASP Web Security Testing Guide (WSTG), to provide a streamlined web security testing flow for the modern-day penetration tester! This tool will guide new penetration testers to understand the best practices of web application security and automate OWASP WSTG checks.
Currently, Autowasp supports the following functionnalities:
With the ability to fetch the OWASP WSTG checklist, Autowasp aims to aid new penetration testers in conducting penetration testing or web application security research. The testing checklist tab will extract useful information such as:
Autowasp Logger tab gives penetration testers the ability to extract and consolidate Burp Scanner issues. This extender tool will automate and flag vulnerable network traffic issues, allowing users to send vulnerable proxy items from Burp’s proxy, intruder and repeater tab to the extender. These vulnerable issues can then be mapped to WSTG IDs and be used to generate an Excel report upon engaging in a penetration test.on test.[/long_descr] [image]https://raw.githubusercontent.com/gwen001/offsectools_www/main/a25244792dd0da07382a3555a721aa8a.png[/image]