
Mittn: Security test tool runner for test automation in CI

Results 18 mittn issues

Hello, I'm having the next problem:

  And a working Radamsa installation # ../../../../../../usr/local/lib/python2.7/dist-packages/mittn-0.0.0-py2.7.egg/mittn/httpfuzzer/steps.py:75 0.004s
  Assertion Failed: Could not execute Radamsa from /home/sergio/Master/Auditoria/mittn-master/features/radamsa-master/bin: [Errno 13] Permission denied

I already gave chmod...

It would be cool and awesome if this would support Robotframework somehow. http://robotframework.org/ is a widely used acceptance test framework for testing. Especially it is widely used with Selenium2Library to test...

The BDD stuff is really mostly useless in the context of Mittn. For example, the use of Behave and Gherkin in the Burp scanning case is just syntactic sugar, which...

enhancement

Beware: speedbumps ahead at least in the http fuzzer's http request implementation.

enhancement
help wanted

It will certainly be helpful for the people who want to follow security tests with CI tools, and without a doubt Arachni is one of the best dynamic application...

enhancement
help wanted

Mittn needs a test framework. Also set up Travis.

Currently there are only installation instructions under docs/. Using git subtree or docker to codify these dependencies would make testing, take-into-use and updating significantly easier than it is today.

enhancement

Writing collected fuzz valid cases to files for Radamsa sometimes fails with

  File "/home/user/mittn/mittn/httpfuzzer/fuzzer.py", line 87, in get_fuzz
    filehandle.write(bytearray(valid_string, "UTF-8"))
  TypeError: encoding or errors without a string argument

bug

The requests library does not like all the fuzzer-generated URLs. This may result in a requests.exceptions.InvalidURL when sending a fuzzed GET request. The solution would be to catch this exception...

bug

Some load balancers drop bodies that are too large. They just close the HTTP connection, resulting in an HTTP protocol error. These cases are false positives and crop up randomly...

enhancement