Skip to content

lair-framework/burp-extension

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Lair Burp Extension

The Lair Burp Extension is exactly what it sounds like - a Burp Suite Extension used to import individual scan issues into a remote Lair project.

Lair (https://github.com/fishnetsecurity/Lair) is an application for collaborative management of diverse information associated with pentests. Although a Burp Drone already exists to consume Burp XML files (https://github.com/fishnetsecurity/Lair-Drones), being able to perform on-demand imports of individual issues directly from Burp makes tracking the issues a little more manageable.

Features

  • Integrates with an existing Lair API Server instance
  • Straightforward configuration and usage
  • Burp scan results context menu allows one-click export of a Burp issue to a Lair project
  • Creates new ports and vulnerabilities in Lair project if not currently present during import

Limitations

  • Cannot resolve DNS names via Burp-specific configuration (e.g. SOCKS proxy, host list)
  • Currently only allows import of issues by IP address (see above point)
  • Project must exist in Lair project - it will not be created dynamically by the extension

Usage

  • Enable the extension in Burp
  • Go to the "Lair Configuration" tab and enter the project id and the API Server URL
  • Perform passive/active scans in Burp
  • Go to: Scanner > Results
  • Right-click the desired scan issue and click "Send to Lair"
  • Check the "Alerts" tab for success/fail messages

Installation

$ download_deps.sh
[!] Directory does not exist
Usage: ./download_deps.sh DESTINATION_DIRECTORY

$ ./download_deps.sh /tmp/lair_burp

<output snipped>

[+] Complete. Add /tmp/lair_burp/lib to your Java CLASSPATH or Burp Extender options
  • Launch Burp

  • Go to: Extender > Options

  • Under "Java Environment" click "Select folder ..." and select the folder that contains the dependencies (see download_deps.sh above, your path should match the output from that script). Burp Extension Options

  • Go to: Extender > Extensions

  • Click "Add"

  • For "Extension type" select Java.

  • For "Extension file" select the Lair_Burp_Extension-.jar file. Extension Load

  • Click "Next" and ensure no errors were generated. Successful Load

  • You should see a new Burp Suite tab titled "Lair Configuration"

Detailed Usage

  • After loading the extension, navigate to the Lair Configuration tab and setup your Lair project ID and Lair API Server. Depending on how you launched Burp the API Server may be populated from your environment variables Burp Extension Options

  • Perform passive and active scanning

  • Find a scan issue you wish to export. Right-click and select "Send to Lair" Context Menu

  • Check the "Alerts" tab for error messages.

  • Check your Lair project, your finding should be imported Lair Data

Credits

  • @packetassailant for assistance in initial dev challenges
  • @zenfosec for testing and QA