@GangGreenTemperTatum (Collaborator) commented Jan 15, 2025

closes #7, creates Burp Scanner issues in the "All Issues" pane from model findings 🫶

  • creates a custom BurpferenceIssue class implementing IScanIssue
  • maps our severity levels to Burp's severity levels
  • extracts severity from AI responses based on burpference SEVERITY markers
  • creates and adds issues to Burp's Scanner for each finding
  • uses the original model response as the issue detail
  • sets confidence to "Tentative" since these are AI-generated findings

a very simple PoC:

image

sample of what to expect in the burpference extension logs

image

AI-Generated Summary

PR Summary

Overview of Changes

The brave crew has made noteworthy enhancements to the burpference module, introducing advanced capabilities for identifying and reporting security issues directly within the Burp Suite environment. By integrating a new BurpferenceIssue class and refining the extension's capabilities to map and create scan issues based on AI-identified severities, these changes mark a significant improvement in automating security analysis and reporting.

Key Modifications

  1. Introduction of IScanIssue Implementation: A new class, BurpferenceIssue, has been added to enable the creation of scan issues within Burp Suite. This implementation allows the Burpference extension to generate and report findings directly in the tool, enhancing its integration with the Burp ecosystem.
  2. Severity Mapping Functionality: The extension now includes a method to map severity levels identified by the Burpference model to the severity strings recognized by Burp Suite. This ensures that issues are appropriately classified within the tool, facilitating better prioritization and handling.
  3. Automated Issue Creation: A new function create_scan_issue has been added to process responses and generate issues in Burp Suite. By extracting severity from the model's response and mapping it to Burp's severity levels, the extension can now automatically create and log detailed scan issues in the scanner's findings.
  4. Simplified Error Handling: Minor refinement has been made to simplify error handling within the sorting mechanism, enhancing the extension's robustness and reliability.
  5. Extension of the HTTP Listener Interface: The changes enable the Burp extension to react to HTTP messages by creating scan issues based on the content analyzed, integrating seamlessly with existing workflows in the Burp Suite.

Potential Impact

  • Enhanced Automation: Automatically generates detailed security findings, reducing manual effort and accelerating the vulnerability management process.
  • Improved Accuracy and Relevance: By mapping AI-detected severity levels to Burp's classification system, the extension ensures that issues are accurately prioritized, leading to more efficient issue resolution workflows.
  • Greater Integration with Burp Suite: The introduction of a custom IScanIssue improves the extension's integration within the Burp ecosystem, allowing for better management and tracking of identified issues.

This summary was generated with ❤️ by rigging

@GangGreenTemperTatum GangGreenTemperTatum merged commit a6ad7c6 into main Jan 15, 2025
1 check passed
@GangGreenTemperTatum GangGreenTemperTatum deleted the ads/eng-786-burpference-tools-create-issues-from-model-findings branch January 15, 2025 13:03
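
An added example, not code from this PR or from burpference: one way the severity extraction and mapping described above could feed the fields of an `IScanIssue`. The `SEVERITY:` marker format, the model-side level names, the issue name and the sample response are assumptions; the severity and confidence strings are the ones Burp's `IScanIssue` accepts.

```python
import html
import re

# Assumed model-side levels (not taken from the PR) mapped to the severity
# strings IScanIssue.getSeverity() accepts. Burp has no "Critical" level.
SEVERITY_MAP = {
    "CRITICAL": "High",
    "HIGH": "High",
    "MEDIUM": "Medium",
    "LOW": "Low",
    "INFORMATIONAL": "Information",
}
RANK = ["Information", "Low", "Medium", "High"]

# Assumed marker format: a line such as "SEVERITY: HIGH" or "**SEVERITY**: high".
MARKER_RE = re.compile(r"^\W*SEVERITY\W+([A-Za-z]+)", re.MULTILINE | re.IGNORECASE)


def extract_severities(response):
    """Return the Burp severity for every recognised marker in the response."""
    found = []
    for level in MARKER_RE.findall(response):
        mapped = SEVERITY_MAP.get(level.upper())
        if mapped:  # unknown levels are ignored rather than guessed
            found.append(mapped)
    return found


def build_issue(url, response):
    """Build the field values an IScanIssue implementation would return."""
    severities = extract_severities(response)
    # Fail safe: no usable marker means "Information", never an invented rating.
    severity = max(severities, key=RANK.index) if severities else "Information"
    return {
        "url": url,
        "name": "burpference: model finding",  # constructed issue name
        "severity": severity,
        "confidence": "Tentative",  # AI-generated, unverified
        # Burp renders a subset of HTML in issue detail, so escape model output.
        "detail": html.escape(response).replace("\n", "<br>"),
    }


# Constructed sample model response.
SAMPLE = ("SEVERITY: CRITICAL\nReflected input in <script> context.\n"
          "**SEVERITY**: low\nMissing header.")
ISSUE = build_issue("https://example.test/search", SAMPLE)
```
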
Development

Successfully merging this pull request may close these issues.

[FEATURE] create issues from model findings in burp