How to use the Burp Suite REST API?

This is a post on how to use the Burp Suite REST API in a browser. Reference: the PortSwigger blog post on Burp's new REST API.

Setting up the API

To configure the API, navigate to User options → Misc → REST API, then select the checkbox to start the service.

By default, the service runs on http://127.0.0.1:1337 and requires you to generate an API key to use it. To generate an API key, select New, give the key a name, copy the key to the clipboard and click OK.

Once you have the API key, you can start using the API. The API is self-documenting, so to understand the use of the API you can just browse to it and view the documentation located at http://127.0.0.1:1337/<your API key>/v0.1/<api_key>

Endpoints

There are 3 different endpoints.

  • /knowledge_base/issue_definitions: This endpoint retrieves the scan definitions, including the issue ID, name, and description.
  • /scan: This endpoint can programmatically start Burp active scans.
  • /scan/[task_id: String]: This endpoint returns information regarding a scan.

How to use these APIs to do a scan on your website?

To scan your website, choose the 2nd option, i.e. /scan.

Scan Section

  • Add your website where it says Add array item. You can add more websites by clicking Add array item again.

Application Login Section

  • You can add a login to your application by checking the application_logins box.
  • There are 2 options for setting your login: either enter your credentials or record your login using Burp's embedded browser.

Scan Configuration section

  • You can configure scans as well in the scan_configurations section. This means you can set Burp to crawl or to run audit checks.
  • These scan configurations are Burp's built-in configurations. You can see them when you go to Burp → Configuration library.

In the scan_configurations section, you have 2 options: Named Configuration and Custom Configuration. With Custom Configuration you have to import your custom library. For this post, we will configure Burp with a named configuration, i.e. “Crawl strategy — faster”.

Resource Pool section

In this section, you enter the name of a resource pool that you have created previously. You can leave this blank as well.

Scan Callback

You can configure a scan callback URL, which will be sent information regarding a scan. For example, I set up ngrok and configured it as a callback URL.

After all the configuration is done, simply click Send request.

The scan information returned for a task can be pretty cumbersome depending on the number of issues detected, so you can also pass parameters that work like filters to gather only the information you need. The after parameter takes a number that specifies the issue ID after which issues for the scan are returned. For example, if your scan has ten issues, 1–10, specifying 5 for the after parameter returns only the issues after 5, in this case issues 6–10. The issue_events parameter takes another number that further limits the issues that come back. For example, if you wanted to see issues 6–8, you would use http://127.0.0.1:1337/<api-key>/v0.1/scan/<task_id>?after=5&issue_events=3.
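The same /scan request and the filtered /scan/<task_id> query can be driven from a script instead of the browser page. The following is an added example, not code from the original post or from PortSwigger. The JSON field names (urls, the NamedConfiguration type, the url key under scan_callback, the username/password login shape) and the Location response header are assumptions to check against the documentation your own Burp instance serves, and the target and key values are constructed.

```python
import json
import urllib.parse
import urllib.request

BASE = "http://127.0.0.1:1337"  # default listener address from the post
API_VERSION = "v0.1"

def api_url(api_key, path, **query):
    """Build <base>/<api-key>/v0.1/<path>, dropping query parameters left as None."""
    key_seg = urllib.parse.quote(api_key, safe="")
    url = f"{BASE}/{key_seg}/{API_VERSION}/{path.lstrip('/')}"
    params = {k: v for k, v in query.items() if v is not None}
    return url + ("?" + urllib.parse.urlencode(params) if params else "")

def redact(url, api_key):
    """The key is a path segment, so mask it before a URL is logged or shared."""
    return url.replace(urllib.parse.quote(api_key, safe=""), "<api-key>")

def build_scan_body(urls, named_config=None, resource_pool=None, callback_url=None, login=None):
    """Assemble the POST /scan body (field names assumed, see lead-in)."""
    body = {"urls": list(urls)}
    if login:  # (username, password) tuple
        body["application_logins"] = [{"username": login[0], "password": login[1]}]
    if named_config:  # must match a name in Burp's configuration library
        body["scan_configurations"] = [{"type": "NamedConfiguration", "name": named_config}]
    if resource_pool:  # the pool must already exist in Burp
        body["resource_pool"] = resource_pool
    if callback_url:  # this endpoint will receive scan information
        body["scan_callback"] = {"url": callback_url}
    return body

def start_scan(api_key, body):
    """POST the scan; the task id is assumed to come back in the Location header."""
    req = urllib.request.Request(api_url(api_key, "scan"), data=json.dumps(body).encode(),
                                 headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.headers.get("Location")

def get_scan(api_key, task_id, after=None, issue_events=None):
    """GET /scan/<task_id>, optionally windowed with after / issue_events."""
    url = api_url(api_key, f"scan/{task_id}", after=after, issue_events=issue_events)
    with urllib.request.urlopen(url, timeout=10) as resp:
        return json.load(resp)

if __name__ == "__main__":
    key = "CONSTRUCTED-KEY"  # placeholder, not a real API key
    body = build_scan_body(["https://staging.example.test/"], named_config="Crawl strategy - faster")
    print(json.dumps(body, indent=2))
    print(redact(api_url(key, "scan/3", after=5, issue_events=3), key))
```

Run as-is it only prints the request body and a redacted URL; start_scan and get_scan need a running Burp instance with the REST API enabled.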

THE HOW TO BLOG |Siddhanth Dwivedi

Siddhanth Dwivedi | Senior Security Engineer & AWS Community Builder 👨🏾‍💻