Burp Suite User Forum

Login to post

Initiating scans through API

Burp User | Last updated: Oct 04, 2019 08:15AM UTC

Hi, Every scan initiated via Burp's API initiates a crawling and auditing stage. It is possible to pre-configure an audit configuration and use it for the scan. However, I don't see an option to do that for a crawling configuration, or even to initiate a scan without the crawling stage altogether. Can you please confirm if it is/isn't possible to do that in a Pro version? If not, can you advise if there's intention to add such feature in the near future? Thanks

Mike, PortSwigger Agent | Last updated: Oct 04, 2019 12:55PM UTC

Hi, for the crawl configuration, this can be configured in Burp Suite Professional, saved to the configuration library and specified in the REST API the same way an audit configuration can. Unfortunately, there isn't an option to specify a specific crawl/audit operation, is this something you would be interested in or is it just a general query?

Burp User | Last updated: Oct 05, 2019 10:06AM UTC

Hi, Thank you for your quick response. "same way an audit configuration can" - cheers, that worked ideally. It might be worth adding this information in the "Toolkit" API request builder;-) "is this something you would be interested" - of course! In the same way as in expending the API features in general. Thanks

Mike, PortSwigger Agent | Last updated: Oct 07, 2019 01:43PM UTC

No problem, it looks like we already have a feature request open for this in our backlog, so I have associated your query to help prioritize it and to notify this thread if it gets released.

You need to Log in to post a reply. Or register here, for free.