reddit hackernews mail facebook facebook linkedin


A one-stop pentesting checklist and logger tool.

Welcome to Autowasp, a Burp Suite extension that integrates Burp issues logging, with OWASP Web Security Testing Guide (WSTG), to provide a streamlined web security testing flow for the modern-day penetration tester! This tool will guide new penetration testers to understand the best practices of web application security and automate OWASP WSTG checks.

Currently, Autowasp supports the following functionnalities:

1. Testing Checklist - Be guided by OWASP!

With the ability to fetch the OWASP WSTG checklist, Autowasp aims to aid new penetration testers in conducting penetration testing or web application security research. The testing checklist tab will extract useful information such as:

- Summary of OWASP WSTG test cases
- How to test – black/white box testing
- Relevant testing tools to aid your test
- Relevant testing tools to aid your test

2. Logger Tool - Log down the Vulns!

Autowasp Logger tab gives penetration testers the ability to extract and consolidate Burp Scanner issues. This extender tool will automate and flag vulnerable network traffic issues, allowing users to send vulnerable proxy items from Burp’s proxy, intruder and repeater tab to the extender. These vulnerable issues can then be mapped to WSTG IDs and be used to generate an Excel report upon engaging in a penetration test.on test.