Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

How do I automate Intruder Attack?

nivedha | Last updated: Jan 28, 2016 05:36AM UTC

How to start intruder start attack button through burp extender python API?

PortSwigger Agent | Last updated: Jan 28, 2016 09:24AM UTC

There isn't currently a way to start an Intruder attack via the API. Intruder attacks currently require manual configuration before launch.

PortSwigger Agent | Last updated: Feb 19, 2016 09:13AM UTC

Hi Schweta, Thanks for getting in touch. I'm just trying to properly understand your use case. As you say, it is possible to automate the Scanner with Burp. Doing this requires an extension (usually Carbonator or Burp REST API) and some fiddling. Future versions of Burp will have better support for this. It's not possible to automate Intruder. However, if you're prepared to do some coding, you can write an extension that sends some requests using the Burp HTTP stack. Depending on your exact requirements this may be useful for you. Please let us know if you need any further assistance.

Burp User | Last updated: Apr 27, 2018 11:01AM UTC

Hi Dafydd, Can you please elaborate what configuration we need before launch. Actually I am looking for the Automation process by which we can automate the manual integration which we are doing by Payloads. As we have around 125 API's to test for around 1000 inputs which we are doing manually by using payloads in Burp Suite and the test cases which we have cant be tested out by Scanning only. I saw so many vedios and read many of the documents but there is only thing is to automate Scanning part and get the reports by a one click using different languages like Python, etc. If you can please help me out with some solution, it would be a great help. Thanks in advance! Shweta

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.