Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp Scans not reporting previously reported issues

Jeevesh | Last updated: Jul 05, 2024 04:24PM UTC

Hi, I am currently using Burp Pro REST APIs to trigger DAST scans. I have noticed that if a finding is reported by the current scan, then it will not be reported again if I trigger the scan on the same URL again. I think this is its intended behaviour if the scans are triggered on the same project. I want to know if there is a way using which I can get the issues from previous scan as well. I don't want to use UI to start a new project for each scan. Also, is there a documentation explaining headless installation of Burp Pro, and triggering DAST scans using the exposed REST APIs.

Syed, PortSwigger Agent | Last updated: Jul 08, 2024 09:56AM UTC

Hi Jeevesh,

There is a way to run isolated scans in Burp Pro, but the option is unavailable through the REST API. May I ask why you want to trigger a scan only through the REST API? Are you running the scans periodically? Are you trying to compare the scan results across scans?

The REST API has not been updated in some time and has limited functionality compared to the UI. Here is a doc regarding the REST API: https://portswigger.net/burp/documentation/desktop/settings/suite/rest-api

Jeevesh | Last updated: Jul 08, 2024 03:14PM UTC

Hi Syed, I am working on some automation scripts to run on demand custom scans, so this feature would help me incase multiple scans are triggered on the same endpoint under same project. Does enterprise edition offer any feature to help my use case? If yes, I'm open towards using enterprise edition as well.

Syed, PortSwigger Agent | Last updated: Jul 09, 2024 07:26AM UTC

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.