Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

GraphQL queries to get all issues of the lastest successful scan on a site

Ben | Last updated: May 27, 2020 08:15PM UTC

Hi! I'm trying to use the new GraphQL API to pull issue data from scans performed by Burp Enterprise. I want to correlate issues to a Site via the latest scan performed on the Site. Through experience in the API, I've also seen that issues can't be retrieved from a list of scans because of "performance reasons" so I need some guidance on how to work around that. *** Sites -> Scans *** I noticed that the Site object doesn't allow you to query a list of Scans. I also noticed that when you attempt to query all Scans, fetching the "site_name" field is not supported. However, I can query all Scans to get site_id which can be used to get the Site name field from querying the SiteTree. Using Scan fields status, end_time, and site_id I can figure out the latest successful scan performed on a Site. *** Scans -> Issues *** Here's where I need some guidance: Given a specific scan, how do I retrieve ALL issues? Retrieving Issues from a scan requires three arguments: type_index, start, and count. I'm assuming start is like offset and count is the number of issues to return. But what is type_index? The docs just say "a unique identifier for the issue type" I see that I can query IssueTypes from a single scan which includes the "type_index" ID. I can use this type_index to then get issues of a specific type from a specific scan! but it's not very easy/intuitive. All that said, I have a few questions: - Is there a recommended method (better than what I am doing) of correlating Sites to Scans? - Does "type_index" map to human readable issue types? Does Burp Pro have like a JSON file I could reference for this? - Is there an easier way to get a list of issues from a scan without having to specify the type_index? Or is there a GraphQL technique to pass the type_index from the IssueTypes object? (I'm still a GraphQL noob :) I guess all I really mean to ask is: Can y'all add some examples to the docs please?? thanks!!

Michelle, PortSwigger Agent | Last updated: May 29, 2020 02:31PM UTC

We are going to be adding functionality, hopefully later this year, to the GraphQL API so that you will be able to get the latest scan for a site. In the meantime the approach you are using is good. The type_index will always map to the same issue title, we have raised a bug to address the fact the title of issues is missing. In the meantime, as an alternative, would the scan report be useful, or is that not the kind of format you were looking for? We will be working on some documentation around common tasks people may want to carry out using the GraphQL API, I can’t promise an exact date just yet, but it is on our list.

Uthman, PortSwigger Agent | Last updated: Jul 23, 2020 03:05PM UTC

Hi Ben, We have made some changes to the GraphQL API that should allow you to retrieve all issues for a scan. Please can you double-check that this is working as expected and let us know if you encounter any issues?

Manasa | Last updated: Nov 08, 2021 11:21AM UTC

@Ben I'm looking for a query to list all the issues associated with a scan. can you please provide the query for it?

Manasa | Last updated: Nov 08, 2021 11:21AM UTC

@Ben I'm looking for a query to list all the issues associated with a scan. can you please provide the query for it?

Michelle, PortSwigger Agent | Last updated: Nov 08, 2021 12:45PM UTC

Hi We've replied on your other thread here: https://forum.portswigger.net/thread/how-do-i-get-a-latest-scan-from-the-list-of-scans-for-a-specific-site-b6a5aa74

Manasa | Last updated: Nov 08, 2021 02:31PM UTC

Hi Michelle, Thanks for your response. But other post talks about fetching latest scan from the list of scans associated with a specific site. Here, I would like to understand about how to efficiently we can fetch list of issues associated with each scan. For now, here is what I'm doing. In the scans object, I'm getting the typeIndex using the below query. query getScan($id : ID!) { scan(id: $id) { id, issue_type_groups(severities: [high, medium, low, info], confidences: [tentative, firm, certain, false_positive], novelties:[repeated, new, regression, first]) { issue_type{ type_index, name, description_html, remediation_html, vulnerability_classifications_html, references_html } } } Once the typeIndex is retrieved, using the same scan endpoint to retreive the Issues with the typeIndex as a parameter. query getScan($id : ID!) { scan(id: $id) { issues(type_index: 16777472, start: 0, count: 10, severities: [info, high, medium, low], confidences: [tentative, firm, certain, false_positive], novelties: [repeated, new, regression, first]) { serial_number, path, origin } } } Again for fetching issue specific information, this serial_number is used in Issues object. This solution involves more API calls and looks tedious too. Is there an anyother efficient way to fetch list of issues associated with a scan?

Uthman, PortSwigger Agent | Last updated: Nov 08, 2021 03:37PM UTC