Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

How do I get a latest scan from the list of scans for a specific site?

Manasa | Last updated: Nov 08, 2021 11:04AM UTC

I'm using the following query to get the list of scans associated with a site. It returns me list of scans associated with the specific site. But how do I get the latest scan out of it? query getScans($site_id : ID!) { scans(site_id: $site_id) { id, status, start_time, end_time, scan_delta { new_issue_count }, site_id } }

Uthman, PortSwigger Agent | Last updated: Nov 08, 2021 11:46AM UTC

Hi,

You can sort your results by various fields listed here.

To retrieve the last scan from your example, you can set the limit to '1' like below: 

query getScans($site_id : ID!) {
  scans(site_id: $site_id, limit: 1) {
    id,
    status,
    start_time,
    end_time,
    scan_delta {
      new_issue_count
    },
    site_id
  }
}

Manasa | Last updated: Nov 08, 2021 02:30PM UTC

Thanks much for the quick response. A follow-up to this, Once this scan is retrieved I would like to get all the associated issues with each of the scan. For now, here is what I'm doing. In the scans object, i'm getting the typeIndex using the below query. query getScan($id : ID!) { scan(id: $id) { id, issue_type_groups(severities: [high, medium, low, info], confidences: [tentative, firm, certain, false_positive], novelties:[repeated, new, regression, first]) { issue_type{ type_index, name, description_html, remediation_html, vulnerability_classifications_html, references_html } } } Once the typeIndex is retrieved, using the same scan endpoint to retreive the Issues with the typeIndex as a parameter. query getScan($id : ID!) { scan(id: $id) { issues(type_index: 16777472, start: 0, count: 10, severities: [info, high, medium, low], confidences: [tentative, firm, certain, false_positive], novelties: [repeated, new, regression, first]) { serial_number, path, origin } } } Again for fetching issue specific information, this serial_number is used in Issues object. This solution involves more API calls and looks tedious too. Is there an anyother efficient way to fetch list of issues associated with a scan?

Uthman, PortSwigger Agent | Last updated: Nov 08, 2021 02:43PM UTC