Burp Suite User Forum

Extract Report via GRAPHQL

Telefonica | Last updated: Apr 01, 2024 08:07PM UTC

Hello everyone,

I'm trying to collect via GraphQL the following information, in the necessary order: issue name, site name, issue criticality. I need this for all my completed scans. Could you help?

Best regards,

Josh, PortSwigger Agent | Last updated: Apr 02, 2024 09:55AM UTC

Hi,

Due to performance decisions made by the developers, there is, unfortunately, no way to do this directly through the GraphQL API. However, with a bit of Python, you can make this work. Below is a Python script that will retrieve this data and print it out. Feel free to modify it to suit your use case best.

To run the script, you'll need to replace lines 4-8 with the correct information to connect to your Enterprise instance, and you'll also need to have installed the requests module through pip.

It's important to point out that this script actively doesn't verify the SSL certificates of the Enterprise server. I made this change to make connecting to servers with self-signed certificates easier. However, it comes with a security risk that the connection is open to man-in-the-middle attacks. As long as you are educated on these risks, there isn't an issue in running the script.

```python
import requests

# Variables to replace with your actual information
api_key = '<api_key>'
enterprise_protocol = '<protocol>'
enterprise_host = '<host>'
enterprise_port = '<port>'
number_scans_to_return = 1_000_000  # used below as the maximum number of issues requested per scan

url = f'{enterprise_protocol}://{enterprise_host}:{enterprise_port}/graphql/v1'
headers = {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer ' + api_key,
}

# Function to execute GraphQL queries
def execute_graphql_query(query, variables=None):
    # verify=False disables TLS certificate verification (see the note above the script)
    response = requests.post(url, headers=headers, json={'query': query, 'variables': variables},
                             verify=False, timeout=60)
    if response.status_code != 200:
        raise Exception(f"Query failed with status code {response.status_code} and message {response.text}")
    result = response.json()
    # GraphQL can report failures in an 'errors' list even when the HTTP status is 200
    if result.get('errors'):
        raise Exception(f"Query returned errors: {result['errors']}")
    return result

# Query to fetch all scans
query_fetch_scans = '''
query FetchScans {
  scans {
    id
  }
}
'''

# Query to fetch issues for a given scan
query_fetch_issues = '''
query GetIssuesForScan($scanId: ID!, $start: Int!, $count: Int!) {
  scan(id: $scanId) {
    scan_target {
      name
    }
    issues(start: $start, count: $count) {
      issue_type {
        name
      }
      severity
    }
  }
}
'''

def fetch_all_issues():
    # Fetch all scans
    scans_response = execute_graphql_query(query_fetch_scans, variables={})
    scans = scans_response['data']['scans']

    # For each scan, fetch its issues and the name of the site it targeted
    for scan in scans:
        scan_id = scan['id']
        issues_response = execute_graphql_query(
            query_fetch_issues,
            variables={'scanId': scan_id, 'start': 0, 'count': number_scans_to_return},
        )
        issues = issues_response['data']['scan']['issues']
        site_name = issues_response['data']['scan']['scan_target']['name']

        for issue in issues:
            print(f"Site Name: {site_name}, Issue Name: {issue['issue_type']['name']}, Severity: {issue['severity']}")

if __name__ == "__main__":
    fetch_all_issues()
```
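The certificate caveat in the reply above, shown as an added example that is not part of the original post or PortSwigger's code: the same GraphQL call with verification left on, trusting only the Enterprise server's own certificate exported as a PEM file. It uses the Python standard library instead of `requests` (with `requests`, passing that PEM path as `verify=` in place of `False` has the same effect); `build_tls_context`, `build_request` and `ca_file` are names assumed for this sketch.

```python
import json
import ssl
import urllib.request
from urllib.parse import urlsplit


def build_tls_context(ca_file=None):
    """Return a TLS context that verifies the server certificate and host name.

    ca_file: PEM file holding the server's self-signed certificate or your
    private CA. When given, only that file is trusted; when None, the system
    trust store is used.
    """
    # create_default_context() sets CERT_REQUIRED and check_hostname=True.
    return ssl.create_default_context(cafile=ca_file)


def build_request(url, api_key, query, variables=None):
    """Build the GraphQL POST, refusing to send the API key in cleartext."""
    if urlsplit(url).scheme != "https":
        raise ValueError("refusing to send the API key to a non-HTTPS URL")
    body = json.dumps({"query": query, "variables": variables or {}}).encode()
    return urllib.request.Request(
        url,
        data=body,
        method="POST",
        headers={
            "Content-Type": "application/json",
            "Authorization": "Bearer " + api_key,
        },
    )


def execute_graphql_query(url, api_key, query, variables=None, ca_file=None):
    """Counterpart of the script's function, with certificate checks enabled."""
    req = build_request(url, api_key, query, variables)
    ctx = build_tls_context(ca_file)
    # A certificate that does not chain to ca_file, or does not match the host
    # name in the URL, raises an error here before the API key is transmitted.
    with urllib.request.urlopen(req, context=ctx, timeout=30) as resp:
        result = json.load(resp)
    if result.get("errors"):
        raise RuntimeError(f"GraphQL errors: {result['errors']}")
    return result["data"]
```

The host name in the URL has to match a name in the certificate, so connect by the name the certificate was issued for rather than by IP address.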
