We’ve created a Burp extension that adds a context menu to send Issues directly to Dradis from Burp’s Scanner interface.
Download and instructions:
If you give it a try, let us know what you think.
-Daniel
Where can we find the API token required for the Burp Plugin?
Hi @LanMan,
For CE it’s the shared password of the server. For Pro, in your Profile page.
HTH,
Daniel
Thanks, still having a problem. I deployed Dradis on Cloud9 (not sure if that is the issue).
Here are screenshots:
Burp Config
Message when sending issue
Hi @LanMan,
Can you confirm the output of:
curl -i -u etd:[pass] http://dradis-ce.dev/api/issues
For your C9 URL? Unless that is working there is something going on with the connection (SSL cert), domain, port, password, etc.
HTH,
Daniel
I never followed up on this one, I ended up buying to pro version. If anyone else has the same issue I am sure they will bump this thread.
It was a long an arduous debug process, it came down to Ruby > JRuby > Java not taking the same path to make an HTTP request than Burp does, so we had to rewrite the HTTP-sending part of the extension. You can follow progress here:
https://github.com/dradis/burp-dradis/pull/1
Background info:
This should be fixed in v0.0.3. It’s not released in Burp’s store yet, but you can give it a try here:
https://raw.githubusercontent.com/dradis/burp-dradis/master/burp-dradis.rb