.png)
3 months ago
22
A Python tool that seamlessly integrates reNgine reconnaissance data with Burp Suite Professional for enhanced web application security testing workflows.
- Dashboard Integration: Works with reNgine web dashboard deployments
- SSL/TLS Support: Handles self-signed certificates common in private deployments
- Comprehensive Data Export: Extracts subdomains, endpoints, and URLs from reNgine scans
- Smart Filtering: Identifies interesting endpoints (admin panels, APIs, etc.)
- Burp Suite Integration:
- Automatic scope configuration
- Target import via REST API
- Manual import file generation
- Flexible Authentication: Supports both authenticated and unauthenticated reNgine instances
- Detailed Reporting: Generates integration reports and CSV summaries
- Python 3.6+
- reNgine instance (accessible via web dashboard)
- Burp Suite Professional (for API integration)
- Required Python packages: requests, urllib3
- Clone this repository:
- Install dependencies:
- Make the script executable:
| rengine_url | reNgine dashboard URL | Required |
| project_slug | reNgine project slug | Required |
| scan_id | Scan ID to export | Required |
| --rengine-user | reNgine username | None |
| --rengine-pass | reNgine password | None |
| --burp-api-url | Burp REST API URL | http://localhost:8090 |
| --burp-api-key | Burp API key | None |
| --output-dir | Output directory | ./rengine_burp_integration |
| --files-only | Generate files only, skip API import | False |
The tool generates several files for Burp Suite integration:
- burp_scope.txt: Domain scope for Burp Suite
- burp_targets.txt: Live URLs for scanning
- burp_priority_targets.txt: High-priority endpoints (admin, API, etc.)
- scan_summary.csv: Comprehensive data overview
- integration_report.txt: Summary report
This tool is designed to work with self-signed SSL certificates commonly used in private reNgine deployments. SSL verification is automatically disabled to ensure compatibility.
- Open Burp Suite Professional
- Go to Settings → Extensions → APIs
- Enable "REST API"
- Generate an API key
- Note the API endpoint (default: http://localhost:8090)
- Open Burp Suite Professional
- Go to Target → Site map
- Right-click and select "Add to scope" → "Load from file"
- Import the generated scope and target files
The tool automatically handles self-signed certificates. If you encounter SSL issues:
- Ensure you're using the correct protocol (HTTP vs HTTPS)
- Try using HTTP port 8082 if available
- Verify the reNgine URL is accessible in your browser
- Verify username and password are correct
- Check if the reNgine instance requires authentication
- Ensure the user has appropriate permissions
- Verify the scan ID exists and has completed
- Check that the project slug is correct
- Ensure the scan contains the expected data types
Contributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.
For enterprise support, deployment assistance, and custom integrations, contact HailBytes.
Join our Discord community for questions, discussions, and community support: HailBytes Discord
- reNgine - Automated reconnaissance framework
- Burp Suite - Web application security testing platform
This tool is for authorized security testing only. Users are responsible for complying with applicable laws and regulations.
