rescope v2.2 releases: scope-generator-tool for Burp Suite and ZAP

by do son · Published · Updated

defining scopes Burp Suite

Rescope

Rescope is a cli-tool (written in Go) that aims to make life easier when defining scopes in Burp Suite and OWASP ZAP.

How it works

  1. Provide any public or private scope.
  2. rescope takes care of the rest and spits out a Burp/ZAP compatible JSON/XML file.
  3. Import results from Burp/ZAP.

Features

  • Define public scope(s) directly from any supported BBaaS (Bug-Bounty-as-a-Service) platform
  • Define private scopes by copy/pasting target definitions from pretty much anywhere
  • Outputs results that is compatible with Burp Suite and Zaproxy for direct import
  • Combine private and public scopes
  • Scope include/exclude separation
  • Parse multiple scopes to the same result
  • Supports IP-ranges & CIDR
  • Resolves conflicting includes/excludes
  • Avoid resources from third party services such as github.com, gitlab.com, itunes.apple.com, etc

Supported Bug-Bounty Services (BBaaS)

Importing results

Burp Suite

  1. Head to Target
  2. Head to Scope
  3. Tick the Use advanced scope control checkbox
  4. Click the ⚙︎ icon
  5. Select Load options
  6. Choose JSON file

OWASP ZAP

Choose File -> Import Context and select XML file.

Note for OWASP ZAP:

  • If you set -o filename extension to anything other than .context then you’ll have to choose “All Format” in file select.
  • For ZAP HUD; set context –name “HUD Context”

Changelog v2.2

Added

  • New flag --resolveConflicts (Resolve all exclude conflicts (Say ‘Y’ to all)
  • New flag --avoid3P (Avoid all third party resources (Say ‘Y’ to all))
  • Parse private HackerOne scopes by setting X-Auth-Token in H1_TOKEN environment variable

Fixed

  • Fixed package that was conflicting with errors interface introduced in golang 1.13. This led to unexpected panics when using the -u|--url flags to obtain scopes from bugbounty programs.
  • Parsing from Bugcrowd should now work with new site layout
  • Fixed out of bounds error when removing third party resources from scope
  • #8 Fixed segfault when parsing scopes from intigriti due to layout change. Ref a26631c
  • Fixed bug that caused misaligned lists when HackerOne was included to multi-scopes.
  • rescope will no longer throw exceptions when program names are upper-cased.
  • Fixed segfault when parsing scopes from openbugbounty.org caused by changes to program URL structure.
  • Fixed multi-scope conflict entanglement.
  • #9 Fixed bug that caused segfault when infile contained single IP’s (3423ba0).
  • #10 Fixed issue that led rescope to crash when https:// were missing in -u|--url for hackerone programs.

Improved

  • Migrated vendoring to Go Modules
  • HackerOne scopes will now include IP/CIDR in addition to URLs.
  • The -b|--burp flag is no longer needed as results are outputted as Burp-compatible JSON – by default.
  • The -o|--outfile is no longer required as results are saved to a default filename in the working dir.

Install & Use

Copyright (c) 2021 root4loot

Tags: burp suiteowasp-zap