Skip to content

Releases: Contrast-Security-OSS/Burptrast

v1.4

16 Oct 11:30
@JoeBeeContrast JoeBeeContrast
v1.4
827b642
Compare
Choose a tag to compare
v1.4 Latest
Latest
  • Updated 3rd party dependencies.
  • Added feature to show the route coverage stats within the site map
  • Some minor bug fixes.
Assets 3
Loading

v1.3

13 Jun 16:47
@JoeBeeContrast JoeBeeContrast
v1.3
a7502fe
Compare
Choose a tag to compare
v1.3
  • Updated the UI.
  • Split Burptrast into 2 sub tabs.
  • Improved authentication. Now you can use the credentials file. Or provide TS username and password and Burptrast will retrieve the required api and service keys itself and optionally save this to a credentials file.
  • This also makes it easier to use the Community Edition of Assess.
  • Also added documentation on signing up for the CE edition to use with Burptrast.
  • Added a Status field showing the status of Burptrast and it's connection to TS. Waiting, Loading, Error.
  • Minor bug fixes.
Assets 3
Loading

V1.2

17 Mar 14:23
@JoeBeeContrast JoeBeeContrast
v1.2
0c1915a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
V1.2

Live Browsing.

This allows live feedback as the user explores/pentests the instrumented application. As vulnerabilities are found in assess via Burp, the vulnerabilities are added to the Issues tab in real time.

Bapp store compliance

Based on https://portswigger.net/burp/documentation/desktop/extensions/creating/bapp-store-acceptance-criteria I've made improvements.

  • Calls to the TS API no longer cause the UI to hang. This was noticable when updating applications with large amounts of routes, the UI would hang. Calls to the TS API now occur in seperate threads and no longer hang the UI thread. Also when retrieving a large amount of endpoints the route coverage table will be continously updated as those routes are retrieved.
  • Another major change under the hood is moving away from Contrast's API SDK and instead making the API Requests via Burps Network Interface, this is another of the acceptance criteria. The upshot of this is that users behind a corporate proxy, can configure that via Burps UI to access Teamserver.
Assets 3
Loading

V1.1

24 Feb 14:24
@JoeBeeContrast JoeBeeContrast
v1.1
12a079a
Compare
Choose a tag to compare
V1.1

The following improvements have been made

  • Vulnerabilities are now imported into Burp. This includes vulnerability information from Teamserver as well as a link back to Teamserver
  • The ability to select a subset of routes to import to Burp
  • Sorting options for the application dropdown
  • Added the abillity to specify a application context to the url
  • Added sorting to the Trace table
Assets 3
Loading

v1.0

08 Feb 12:17
@JoeBeeContrast JoeBeeContrast
v1.0
120bce2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0

Initial release of Burptrast

Assets 3
Loading