Hi Alvin,
You can use the article below to help you capture the postman requests in Burp:
- https://secureideas.com/blog/2019/03/better-api-penetration-testing-with-postman-part-2.html
For Swagger/OpenAPI definitions, you can either use the OpenAPI parser extension or provide the URL to the scanner (for OpenAPI v3 files):
- https://portswigger.net/bappstore/6bf7574b632847faaaa4eb5e42f1757c
- https://portswigger.net/burp/documentation/desktop/scanning/api-scanning
- https://portswigger.net/blog/api-scanning-with-burp-suite
Can you clarify what you mean by the "Autocomplete-like" feature? Which version of Burp are you using?
In terms of replacing parameters in the Repeater, are you intending on doing this automatically? Have you tried using the 'Auto Repeater' or 'Stepper' extension?
Spidering has been replaced by 'Crawling'. You can find out further information below:
- https://portswigger.net/blog/burp-2-0-where-are-the-spider-and-scanner