Import Venari Data into Burp¶
The goal of this tutorial is to show the Burp Auto Mapper extension (powered by Venari) importing scan data from Venari discovery and exploit scans.
For a more thorough introduction to Auto Mapper features and setup, see Introduction to Auto Mapper
We will demonstrate the following capabilities:
- Import the site map from a single Venari scan into Burp
- Import a complete Venari scan into Burp (site map and issues)
- Import all issues for a specific application into Burp
Combining Venari's authenticated auto-discovery and Burp's powerful set of testing features takes application discovery and vulnerability analysis to the next level.
Import Site Map¶
Importing a site map populates the Burp site map view but does not bring in any issues from the Venari scan job.
Right Click to activate the context menu and select 'Import Venari Data' -> 'Site Maps' -> application name -> job name. Then click the target tab.
Import Scan¶
Importing a scan fills up the Burp site map view and populates the Issues view with any issues from the Venari scan job.
Right Click to activate the context menu and select 'Import Venari Data' -> 'Scans' -> application name -> job name. Then click the target tab.
Import Issues¶
Importing a scan fills up the Burp Issues view with any issues from the Venari scan job. The Issues are application level data items so the issues loaded into the view are the union of all issues found when Venari scanned the specified application.
Right Click to activate the context menu and select 'Import Venari Data' -> 'Issuess' -> application name. Then click the target tab.
View Scan in Venari¶
The animation below shows the scan-level data in the Venari UI.
