Burp Suite User Forum


Scan all my API endpoints in a single call - BURP enterprise

Todd | Last updated: Jan 21, 2021 06:35PM UTC

I want to call my BURP suite after a release to scan my newly released API. For instance I call: https://burp.myserver.org:8080 with the payload: {"urls": ["https://dev-myAPI.mysite.org"] } I was hoping BURP could somehow know all my endpoints from that but it doesn't look like it and that makes sense... so instead I tried sending my SWAGGER page to BURP hoping it could glean the endpoints from SWAGGER but it's still not calling the endpoints. Is there a way to do this? Thanks!

Liam, PortSwigger Agent | Last updated: Jan 22, 2021 09:04AM UTC

Burp Scanner is able to scan both JSON and YAML-based API definitions for vulnerabilities. By default, the crawler attempts to parse any API definitions that it encounters to identify potential endpoints, along with their supported methods and parameters. You can also explicitly provide the URL of an API definition when launching a scan. Based on the endpoints that it discovers, Burp Scanner is then able to derive new locations to crawl and audit.

Burp Scanner needs to be able to parse an API definition in order to scan it. Currently, this is only possible for definitions that meet the following requirements:
The API definition must be an OpenAPI version 3.x.x specification. The crawler uses the openapi key at the top level of the definition to help identify whether a discovered document is an API definition.
The API definition must not contain any external references.
- https://portswigger.net/burp/documentation/desktop/scanning/api-scanning
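As an added illustration of the parsing requirements quoted above (this is example code, not from the forum thread or from PortSwigger), the following pre-flight check verifies a JSON API definition against the three conditions before it is handed to a scan: a top-level openapi key, a 3.x.x version, and no $ref that points outside the document. The sample definition is constructed for the example; YAML definitions would need an extra parser such as PyYAML, which is not assumed here.

```python
import json
from typing import Any, Iterator, List, Tuple

# Constructed sample definition (not taken from the thread). The second path
# carries an external $ref, which is exactly what the crawler cannot parse.
SAMPLE_SPEC = json.dumps({
    "openapi": "3.0.1",
    "info": {"title": "dev-myAPI", "version": "1.0"},
    "paths": {
        "/users/{id}": {
            "get": {
                "parameters": [{"name": "id", "in": "path", "required": True,
                                "schema": {"type": "string"}}],
                "responses": {"200": {"$ref": "#/components/responses/User"}},
            }
        },
        "/orders": {
            "post": {"requestBody": {"$ref": "common.json#/components/requestBodies/Order"}}
        },
    },
    "components": {"responses": {"User": {"description": "ok"}}},
})


def iter_refs(node: Any, path: str = "$") -> Iterator[Tuple[str, str]]:
    """Walk the whole document and yield (json_path, target) for every $ref."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "$ref" and isinstance(value, str):
                yield path, value
            else:
                yield from iter_refs(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from iter_refs(item, f"{path}[{i}]")


def check_definition(text: str) -> List[str]:
    """Return the problems found; an empty list means all three requirements are met."""
    problems: List[str] = []
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(doc, dict):
        return ["top level is not an object"]
    version = doc.get("openapi")
    if version is None:
        # Swagger 2.0 documents use a top-level "swagger" key instead, so they fail here.
        problems.append("missing top-level 'openapi' key (Swagger 2.0 uses 'swagger' instead)")
    elif not str(version).startswith("3."):
        problems.append(f"openapi version {version!r} is not 3.x.x")
    # A $ref that does not start with '#' resolves outside this document.
    for path, target in iter_refs(doc):
        if not target.startswith("#"):
            problems.append(f"external reference at {path}: {target}")
    return problems
```

Run check_definition on the exported definition first; only a definition that returns no problems is one the crawler can be expected to parse.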
