Minion – Mozilla Security Testing Framework

Keep on Guard!


Minion is a security testing framework built by Mozilla to bridge the gap between developers and security testers. To do so, it enables developers to scan with a wide variety of security tools, using a simple HTML-based interface.

Minion - Mozilla Security Testing Framework

It consists of three umbrella projects:


  • Minion Frontend, a Python, angular.js, and Bootstrap-based website that provides a HTML interface to authenticate and authorize users, manage sites, initiate scans, and report issues
  • Minion Backend, a Python, Flask, and Twisted-based backend that provides an API for the Minion Frontend, and acts as a middleman between the frontend and external security tools
  • Minion VM, a repository of recipes to allow quick installations of Minion either via Vagrant or Docker

Functionality

Minion has limited scanning functionality built into itself. Instead, it relies on the large variety of pre-existing open source and commercial scanning tools. These plugins include:

You can download Minion here:

Back-end: minion-backendv0.3.zip
Front-end: minion-frontend-v0.4.zip

Or read more here.


Posted in: Countermeasures, Security Software, Web Hacking

, , , , , , , ,

Recent in Countermeasures:
- Barnyard2 – Dedicated Spooler for Snort Output
- Wycheproof – Test Crypto Libraries Against Known Attacks
- DBShield – Go Based Database Firewall

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,480 views
- Password Hasher Firefox Extension - 118,063 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,788 views


One Response to Minion – Mozilla Security Testing Framework

  1. Andy December 6, 2016 at 11:10 pm #

    Surprised that they support ZAP and not Burp Suite. Seems like it would be of very limited value to security testers until they add that in.