Burp Dastardly scan

[iman4000]

Burp Dastardly scan

Dastardly is a free, lightweight web application security scanner for your CI/CD pipeline. It is designed specifically for web developers, and checks your application for seven security issues that are likely to interest you during software development. Dastardly is based on the same scanner as Burp Suite (Burp Scanner).

Sample File
Dastardly scan results are available as a JUnit XML file when a scan is complete.

[Stamka]

wait too:)

[damiencarol]

I took a look, it produce JUnit XML files. This choice is weird. They could have choose a more security oriented format like SARIF.

[iman4000]

I don't think they changed it because burp suit had XML format before. I think I saw some JUnit parsers in defectdojo for other scans. can you reuse it for a burp suit?

[manuel-sommer]

Hi @iman4000 ,

if you provide an output sample file, I can help you with a PR.

[manuel-sommer]

Reminder @Stamka and @iman4000,
could you provide a sample out?

[mykhailo-sindieiev]

Hello @manuel-sommer
Here is the output of the scan that was run against "https://ginandjuice.shop"

dastardly.xml.zip

[manuel-sommer]

Could you please close this issue @mtesauro ?