How to use Burp Suite REST API?

Setting up the API

Endpoints

  • /knowledge_base/issue_definitions: This endpoint retrieves the scan definitions, including the issue ID, name, and description.
  • /scan: This endpoint can programmatically start Burp Active scans.
  • /scan/[task_id: String]: This endpoint will send information regarding a scan.

How to use these APIs to do a scan on your website?

  • Add your website where it says "Add array item". You can add more websites by clicking "Add array item" again.
  • You can add a login to your application by checking the application_logins box.
  • There are two options for setting your login: either set your credentials or record your login using Burp's embedded browser.
  • You can also configure scans in the scan_configurations section. This means you can set Burp to do crawling or audit checks.
  • These scan configurations are Burp's built-in configurations. You can see them when you go to Burp → Configuration library.
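
The same request can be sent without the interactive page. The following is an added example, not code from the original article: it builds the POST /scan body from the fields described above, starts the scan, and polls /scan/[task_id]. The base URL (Burp's default loopback listener with no API key), the "type" values, and the final scan_status values are assumptions to check against the API documentation page of your Burp version.

```python
import json
import time
import urllib.request
from urllib.parse import urlsplit

# Assumption: REST API enabled on Burp's default loopback address, no API key.
BASE = "http://127.0.0.1:1337/v0.1"


def build_scan_request(urls, username=None, password=None, config_names=()):
    """Build the JSON body for POST /scan from the fields filled in above."""
    for u in urls:
        parts = urlsplit(u)
        # Reject anything that is not an absolute http(s) URL before Burp sees it.
        if parts.scheme not in ("http", "https") or not parts.netloc:
            raise ValueError(f"not an absolute http(s) URL: {u!r}")
    body = {"urls": list(urls)}
    if username is not None:
        # Credential-based login; a recorded login uses a different entry type.
        body["application_logins"] = [{"type": "UsernameAndPasswordLogin",
                                       "username": username, "password": password}]
    if config_names:
        # Names must match entries in Burp's configuration library exactly.
        body["scan_configurations"] = [
            {"type": "NamedConfiguration", "name": n} for n in config_names]
    return body


def task_id_from_location(location):
    """POST /scan returns the new task id in the Location response header."""
    return location.rstrip("/").rsplit("/", 1)[-1]


def start_scan(body, base=BASE):
    req = urllib.request.Request(
        f"{base}/scan", data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return task_id_from_location(resp.headers["Location"])


def wait_for_scan(task_id, base=BASE, interval=10):
    """Poll GET /scan/[task_id] until the scan reports a final state."""
    while True:
        with urllib.request.urlopen(f"{base}/scan/{task_id}", timeout=30) as resp:
            status = json.load(resp)
        # Assumption: "succeeded" and "failed" are the terminal scan_status values.
        if status.get("scan_status") in ("succeeded", "failed"):
            return status
        time.sleep(interval)
```

Pass the result of build_scan_request to start_scan, then hand the returned task id to wait_for_scan; the final response carries the issues the scan reported.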

Security Engineer |Help in building apps more secure|

Siddhanth Dwivedi