Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Getting scan ID for querying scan result

Attila | Last updated: Sep 07, 2020 11:38AM UTC

I create a ScheduleItem using the GraphQL API of Burp Enterprise. How can I get the ID of the scan (or scans) using the GraphQL API in order to query the result of the scan? I cannot find how the ScheduleItem or Site is connected to the scan in the API.

Michelle, PortSwigger Agent | Last updated: Sep 07, 2020 01:23PM UTC

When you create a ScheduleItem using the GraphQL API the response will return the schedule_item id. If you query all scans the schedule_item id can be included in the results: https://portswigger.net/burp/extensibility/enterprise/graphql-api/Scan.html For example, you could use something like this to get the details for all the scans: query GetScans {scans{id,site_id,status,schedule_item{id}}} or this to get the scans for a specific site: query GetScans {scans(site_id:10){id,site_id,status,schedule_item{id}}} I’m afraid it isn't currently possible to filter the scans query using the schedule_item id but this is an idea we have passed on to our product team to help improve the capabilities of the GraphQL API Please let us know if you need any further assistance.

Attila | Last updated: Sep 07, 2020 02:48PM UTC

Before running the "GetScans {scans(site_id:10)..." request, I queried the Sites, but the "Site URL" is not returned on the GraphQL API of Burp Enterprise. So I cannot implement the following use case: 1. I create a ScheduleItem to start a scan for site "www.xxx.com") 2. I query (with GetScans) the scans for the site "www.xxx.com" 3. Filter the results with ScheduleItem ID It does not work, because I cannot get the Site id through the API, because the "Site URL" is not in the result set of the SiteTree query.

Michelle, PortSwigger Agent | Last updated: Sep 08, 2020 08:49AM UTC

Hi Can you tell us a bit more about the query you are running that is not returning the data you need? If you are querying the SiteTree it is possible to get it to return the included and excluded URLs, if this would help: https://portswigger.net/burp/extensibility/enterprise/graphql-api/SiteTree.html For example: query GetSite { site_tree { sites { id, name, scope {included_urls, excluded_urls} } } }

Attila | Last updated: Sep 10, 2020 12:00PM UTC

You advised to query the scans with the site id: query GetScans {scans(site_id:10){id,site_id,status,schedule_item{id}}} But I cannot get site id, because the following query does not return the Site URL. I tried to find the site which matches the Site URL, but it is not returned in the query GetSite.

Michelle, PortSwigger Agent | Last updated: Sep 10, 2020 01:48PM UTC

Would you be happy to share the query you used to try and find the Site URL?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.