Rapid7 AppSec Plugin for InsightAppSec and AppSpider dynamic application security testing solutions.
The Rapid7 AppSec plugin works with Rapid7 InsightAppSec and AppSpider dynamic application security testing solutions to improve application scanning coverage and assist in validating vulnerabilities with these capabilities: Macro Recording - Use the plugin to record macros required by InsightAppSec and AppSpider Enterprise when selecting the Macro Authentication scan configuration. Macro Authentication enables the crawling engine of InsightAppSec and AppSpider to authenticate with complex login workflows. Vulnerability Validator - Used in conjunction with the Attack Replay feature in InsightAppSec and AppSpider, this feature of the Chrome plugin enables users to replay and edit recorded traffic generated during an InsightAppSec or AppSpider scan, for vulnerability and patch validation. Bootstrap Authentication - The Chrome plugin is required to use AppSpider Enterprise's Bootstrap Authentication feature, which gives the user the ability to interactively login to the target application during an active scan. Used for login workflows that require human interaction, e.g. 2-factor authentication. For support related to this plugin, please contact [email protected]
- (2018-04-09) Brian Loo: helps me validate findings, create login macros, bootstrap logins.
- (2017-03-10) Orlando Barrera II: Very useful extension for AppSpider Enterprise. In order to enable these features in AppSpider Enterprise you need to modify NTOE.config file and change <macroPlugin Enabled="false" /> line to <macroPlugin Enabled="True" />
- (2019-05-07, v:2.0.10) Богдан Завадський: Errors in the Rapid7 AppSec Plugin
Hello. I'm using Rapid7 AppSec Plugin with AppSpider reports. Currently Chrome says that your plugin has few errors and from time to time doesn't want to work with Rapid7 AppSec Plugin. Hope, you are working on this.
- (2018-06-28, v:2.0.4) Chris Miculescu: Chrome detects extension as malware
Recent Chrome update detects this extension as malware. "This extension contains malware." There is no way to overwrite and force-enable to extension. Please fix.