Burp Suite User Forum

Create new post

Burp Enterprise API scan

Lahiru | Last updated: Dec 09, 2020 08:12AM UTC

Hi, I just wanted to know whether Burp enterprise has API scanning facility ? Thanks Best Rgds Lahiru

Ben, PortSwigger Agent | Last updated: Dec 09, 2020 08:28AM UTC

Hi Lahiru, Yes, API scanning is enabled on by default within Burp Enterprise. As long as you are adhering to the requirements set out in the page below, Burp Enterprise should be scanning your APIs as part of its normal scanning process: https://portswigger.net/burp/documentation/desktop/scanning/api-scanning

Lahiru | Last updated: Dec 09, 2020 10:01AM UTC

Great ! Thanks a lot ben. Let me refer the document first and come back to you.

carlos | Last updated: Nov 27, 2023 11:16AM UTC

Hi I tried creating open api 3.0.0 by defining my API server location in [ {"url":"<>"}], and uploaded it on google bucket. Burp enterprises is not able to crawl any API using uploaded openapi.json file. Can you help me on any clear documentation or video?

Liam, PortSwigger Agent | Last updated: Nov 28, 2023 02:27PM UTC

Thanks for your message, Carlos.

We're developing a feature allowing you to upload API definition files directly into Burp. We'll first release this in Burp Suite Professional before adding it to Burp Enterprise in Q1 next year.

Please let us know if you require any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.