Updates HAM engine version to fix compatibility issues also updates the README file

Author: matthewD-AVI

README.md

@@ -15,34 +15,9 @@ The Attack Surface Detector uses static code analyses to identify web app endpoi
 
 To see a brief demonstration for the Attack Surface Detector, you can check it out [here:](https://youtu.be/jUUJNRcmqwI)
 
-# Building the Plugin
-
-1.  Install *Maven*:  https://maven.apache.org/install.html
-2. Clone *Attack Surface Detector* repository:  https://github.com/secdec/attack-surface-detector-burp
-3. Navigate to the source code *Directory*, open terminal and run the command `mvn clean package`
-4. The plugin will be located in the target folder named *attacksurfacedetector-release-1-jar-with-dependencies*.
-
-# Installation
-
-## Requirements
-* This plugin
-* PortSwigger Burp Suite
-
-## How to Install
-
-[Detailed Build/install instructions](https://github.com/secdec/attack-surface-detector-zap/wiki).
-
-1.	Download and install the latest build of PortSwigger BurpSuite from http://portswigger.net/burp/ 
-2.  Downlaod  the latest Attack Surface Detector jar file from [https://github.com/secdec/attack-surface-detector-burp/releases](https://github.com/secdec/attack-surface-detector-burp/releases)
-3.	Launch Burp
-4.  Navigate to the *Extender* tab -> add
-5.  Locate the Attack Surface Detector jar file
-6.  Click Next
-
 ## Extension Details
 * Extension Type: Java
-* Extension File: attacksurfacedetector-release-1-jar-with-dependencies
-* All other fields can be left alone
+* Extension File: attacksurfacedetector-release-#-jar-with-dependencies
 
 ### Burp Suite Professional
 * Scanner functionality available.
@@ -53,5 +28,24 @@ To see a brief demonstration for the Attack Surface Detector, you can check it o
 
 
 
+## Installation
+[Detailed install instructions](https://github.com/secdec/attack-surface-detector-burp/wiki/Installation).
+
+# For Developers & Contributors
+
+## Build Instructions
+1. Install Maven. - [https://maven.apache.org/install.html](https://maven.apache.org/install.html)
+2. Clone Attack Surface Detector repository - https://github.com/secdec/attack-surface-detector-burp 
+3. Navigate to the Source Code Directory
+4. Open a new terminal and run the command `mvn clean package`
+4. The plugin will be located in the target folder named attacksurfacedetector-release-#-jar-with-dependencies.jar
+
+## License
+
+Licensed under the [MPL](https://github.com/secdec/attack-surface-detector-burp/blob/master/LICENSE) License.
+
+
+
+
 
 

burp/pom.xml

@@ -22,27 +22,31 @@
     <prerequisites>
         <maven>2</maven>
     </prerequisites>
-
     <dependencies>
         <dependency>
             <groupId>net.portswigger.burp.extender</groupId>
             <artifactId>burp-extender-api</artifactId>
             <version>1.7.22</version>
         </dependency>
+        <dependency>
+            <groupId>commons-io</groupId>
+            <artifactId>commons-io</artifactId>
+            <version>2.4</version>
+        </dependency>
         <dependency>
             <groupId>com.github.secdec.astam-correlator</groupId>
             <artifactId>threadfix-cli-lib</artifactId>
-            <version>1.2.2</version>
+            <version>1.2.13-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>com.github.secdec.astam-correlator</groupId>
             <artifactId>threadfix-entities</artifactId>
-            <version>1.2.2</version>
+            <version>1.2.13-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>com.github.secdec.astam-correlator</groupId>
             <artifactId>threadfix-ham</artifactId>
-            <version>1.2.12</version>
+            <version>1.2.13-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>org.owasp</groupId>

pom.xml

@@ -339,6 +339,18 @@
                 </pluginManagement>
             </build>
         </profile>
+        <profile>
+            <id>allow-snapshots</id>
+            <activation><activeByDefault>true</activeByDefault></activation>
+            <repositories>
+                <repository>
+                    <id>snapshots-repo</id>
+                    <url>https://oss.sonatype.org/content/repositories/snapshots</url>
+                    <releases><enabled>false</enabled></releases>
+                    <snapshots><enabled>true</enabled></snapshots>
+                </repository>
+            </repositories>
+        </profile>
     </profiles>
 
     <properties>