About_a_perl has asked for the wisdom of the Perl Monks concerning the following question:

Hi monks! I need a little guidance. I have recently began helping with an IT security firm. My job mostly consists of running penetration testing tools and writing reports. The problem I'm having at the moment is with using a tool called burp. It is a web application scanner among other things. What I need is a way to keep log in sessions a live so that the scanner can do credentialed testing when it gets to a particular application. My thought is to write a script that refreshed a page at a certain interval. Then, after I provided credentials, I can launch the script and keep the session open. Is this way of thinking sound? If so, can someone point me in the right direction?

Replies are listed 'Best First'.
Re: Keeping a session alive
by Anonymous Monk on Jan 29, 2012 at 05:36 UTC
[reply]

      Legality is not an issue. All of our clients sign waivers and we get scope confirmation in writing prior to any testing. As long as the refresh rate isn't set to a point where it would essentially be a DoS attack, it would be fine. Any suggestion on where to start on the code?

[reply]

        I count 5 links provided in the previous reply. Did you follow them and read the documentation? I hope you aren't asking us to perform your job for you?

        True laziness is hard work
[reply]
Re: Keeping a session alive
by About_a_perl (Novice) on Jan 29, 2012 at 06:20 UTC

    Sorry, I didn't see the links prior to my last reply. Its been a long day. I was just reading up on LWP. It looks like the use of 'get' will probably work.

[reply]

Back to Seekers of Perl Wisdom