Burp Suite User Forum

Login to post

Burp Suite Automation

Sreedhar | Last updated: Oct 14, 2019 01:09PM UTC

Hi All We are trying to automate to test various vulnerabilities like xpath injection,sql injection, Cross-site scripting etc. We have referred the following link https://www.we45.com/blog/automating-burp-with-jenkins We have tried through burp-rest-api as well as carbonator The issue is that we are not able to select the individual scan types (xpath injection,sql injection, Cross-site scripting) . Can you suggest if there is any way for this. Also since we will be running the burp suite multiple times please confirm if there are any license issues

Liam, PortSwigger Agent | Last updated: Oct 14, 2019 01:18PM UTC

Sreedhar, which version of Burp are you using to perform your testing?

Burp User | Last updated: Oct 14, 2019 05:24PM UTC

Burp Suite Professional 2.1.04

Liam, PortSwigger Agent | Last updated: Oct 15, 2019 07:10AM UTC

You can do this via the REST API: Configure your scan configuration. Save the file to the configuration library. In the REST API toolkit, use the scan_configurations > Named Configuration property.

Burp User | Last updated: Oct 30, 2019 11:14AM UTC

Hi is there any option through extensions like carbonator to scan for specific vulnerability like xpath injection, sql injection

Liam, PortSwigger Agent | Last updated: Oct 31, 2019 10:33AM UTC

Sreedhar, I don't think there is an extension that will perform as you require.

You need to Log in to post a reply. Or register here, for free.