How to use the Burp Suite REST API?
This post shows how to use the Burp Suite REST API from a browser. PortSwigger's blog post on the topic: burps-new-rest-API
Setting up the API
To configure the API, navigate to User options -> Misc -> REST API, then select the checkbox to start the service.
By default, the service runs on http://127.0.0.1:1337 and requires you to generate an API key to use it. To generate an API key, select New, give the key a name, copy the key to the clipboard and click OK.
Once you have the API key, you can start using the API. The API is self-documenting, so to understand how to use it you can just browse to it and view the documentation located at http://127.0.0.1:1337/<your API key>/v0.1/
There are 3 different endpoints.
- /knowledge_base/issue_definitions: This endpoint retrieves the scan definitions, including the issue ID, name, and description.
- /scan: This endpoint can programmatically start Burp Active scans.
- /scan/[task_id: String]: This endpoint will send information regarding a scan.
How to use these APIs to do a scan on your website?
To scan your website, choose the 2nd option, i.e. /scan.
- Add your website where it says Add array item. You can add more websites by clicking Add array item again.
Application Login Section
- You can add a login to your application by checking the application_logins box.
- There are 2 options for setting up the login: either set your credentials or record your login using Burp's embedded browser.
Scan Configuration section
- You can also configure scans in the scan_configurations section. This means you can set Burp to crawl or to run audit checks.
- These scan configurations are the built-in configurations of Burp. You can see them when you go to Burp → Configuration library.
In the scan_configurations section, you have 2 options: Named Configuration and Custom Configuration. With Custom Configuration you have to import your custom library. For this post, we will configure Burp with a named configuration, i.e. "Crawl strategy - faster".
Resource Pool section
In this section, you enter the name of a resource pool that you created previously. You can leave this blank as well.
You can configure a scan callback URL, which will be sent information regarding a scan. For example, I set up ngrok and configured it as the callback URL.
After all the configuration is done, simply click Send request.
This can be pretty cumbersome depending on the number of issues detected for a particular task, so you can also pass parameters that work like filters to help you gather only the information you need. The after parameter takes an issue ID for the scan and returns only the issues that come after it. For example, if your scan has ten issues 1–10, specifying the number 5 for the after parameter would only return issues after 5, or in the case of the example issues 6–10. The issue_events parameter takes another number, limiting further how many issues come back. For example, if you wanted to see issues 6–8, you would use http://127.0.0.1:1337/<api-key>/v0.1/scan/<task_id>?after=5&issue_events=3.
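
The same workflow as a script instead of the browser form, as an added example that is not code from the original post or from PortSwigger. It assumes the JSON field names `urls`, `resource_pool`, `scan_callback` and `type`, and that the task ID comes back in the `Location` header (check these against the self-documenting page of your Burp version); `BURP_API_KEY` and `https://target.example` are placeholders. Because the API key is part of the URL path, the helper refuses any service address that is not loopback.

```python
import json
import os
import urllib.request
from urllib.parse import quote, urlencode, urlsplit

LOOPBACK = {"127.0.0.1", "localhost", "::1"}

def api_base(api_key, service="http://127.0.0.1:1337"):
    """Build <service>/<key>/v0.1; the key rides in the URL, so stay on loopback."""
    host = urlsplit(service).hostname
    if host not in LOOPBACK:
        raise ValueError(f"refusing to send API key to non-loopback host {host!r}")
    return f"{service.rstrip('/')}/{quote(api_key, safe='')}/v0.1"

def scan_body(urls, named_config=None, resource_pool=None, callback_url=None):
    """JSON body for POST /scan; optional sections are left out when unset."""
    body = {"urls": list(urls)}
    if named_config:  # must match a name in Burp's configuration library exactly
        body["scan_configurations"] = [{"type": "NamedConfiguration", "name": named_config}]
    if resource_pool:
        body["resource_pool"] = resource_pool
    if callback_url:
        body["scan_callback"] = {"url": callback_url}
    return body

def status_url(base, task_id, after=None, issue_events=None):
    """URL for GET /scan/<task_id> with the after / issue_events filters."""
    pairs = (("after", after), ("issue_events", issue_events))
    params = {k: v for k, v in pairs if v is not None}
    url = f"{base}/scan/{quote(str(task_id), safe='')}"
    return f"{url}?{urlencode(params)}" if params else url

def start_scan(base, body):
    """POST the scan request; returns the task ID (assumed: Location header)."""
    req = urllib.request.Request(f"{base}/scan", data=json.dumps(body).encode(),
                                 headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.headers["Location"]

def scan_status(base, task_id, **filters):
    """Fetch and decode the status document for one task."""
    with urllib.request.urlopen(status_url(base, task_id, **filters), timeout=30) as resp:
        return json.load(resp)

if __name__ == "__main__":
    base = api_base(os.environ["BURP_API_KEY"])  # key from the environment, not the source
    task = start_scan(base, scan_body(["https://target.example"],
                                      named_config="Crawl strategy - faster"))
    print(task, scan_status(base, task, after=5, issue_events=3))
```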