Photo by Douglas Lopes on Unsplash

How to Run BurpSuite API with a script?

So in my previous post, I told you how to integrate Jenkins with BurpSuite Professional. But this one is different we will run the Burp’s active scan with a simple python script. And later you can add that to your Jenkins and fully automate the testing part. So let’s get things rolling

Download the Script from Github.

https://github.com/mafiaguy/BurpSuite-API

Clone the Repo from Github

now you have to install the requirements of the script.

cd BurpSuite-API

pip3 install -r requirements.txt

Now you have to enter the IP address of the Burp Suite API

In my case I choose http://127.0.0.1:1337 enter your url with -u

now enter your path for the data.json file with -f

the data.json file will contain everthing after -d ‘ and remove the last ‘. Copy all of it and paste in file and name it anything with the json extension.

the sample data would look like this

Now run the script

python3 main.py -u http://127.0.0.1:1337/v0.1/scan -f /Users/mafiaguy/Desktop/data.json

and the scan will automatically run and it will provide you with all the data of the active scan and all the vulnerability it found along with the definition of that particular vulnerability.

and its the end.

--

--

--

Security Engineer |Help in building apps more secure|

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Fizz buzz in Assembly x86 32 bit. See previous blog posts to compile, link and run this program.

Recursion and how it works on the stack

Run Ubuntu on M1 Macbook Air using UTM

Create Excel File using Java

Point & to Move in Unity — Part 4: Fix Player Clipping Objects

Agile Manifesto and Scrum Methodology

Variables! — The building blocks of programming’

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Siddhanth Dwivedi

Siddhanth Dwivedi

Security Engineer |Help in building apps more secure|

More from Medium

Extreme Hacking Mindset

Bug Bounty Hunting — How I Earned $500 In 4 Hours

Phishing Logo

Leaked Database of CGG Website: GOVT- BUG (CRITICAL)

XSS — Cross-Site Scripting