Burp Suite User Forum

Scan Configuration

Darren | Last updated: Oct 18, 2019 01:59PM UTC

I am building an extension that calls doActiveScan and doPassiveScan. Is there a way to specify the scanner configuration. Currently tasks are created and there is a default scanner configuration used named Current auditing configuration. Is there a way to specify the configuration to be used by the scanner. I have tried exporting a scanner configuration and calling loadConfigFromJson but every time the task starts it used Current auditing configuration.

Mike, PortSwigger Agent | Last updated: Oct 21, 2019 09:57AM UTC

Hi Darren, this isn't something that is currently supported in the extensions API. IBurpExtenderCallbacks.loadConfigFromJson(java.lang.String config) is used to load a project-level configuration which is different to a scan configuration, so, unfortunately, you will not be able to use this method to solve your issue. I can create a feature request for this if this is something that you would be interested in?

Burp User | Last updated: Oct 21, 2019 03:24PM UTC

That would be fantastic Mike, I would definitely be interested in this.

Mike, PortSwigger Agent | Last updated: Oct 24, 2019 07:39AM UTC

No problem, I have created that feature request which includes a factory class to assist with creating the scan configuration which we can then pass IBurpExtenderCallbacks.doActiveScan() to make configuration much easier. I have associated this thread to help prioritize it and to notify you if it gets released.

Ben, PortSwigger Agent | Last updated: Dec 11, 2019 11:49AM UTC

Thank you for the feedback. We will notify this thread when there is further news on this feature.

Burp User | Last updated: Jan 30, 2020 08:05PM UTC

Hi I also would like this! This is a breaking change from 1.x to 2.x I think.

You need to Log in to post a reply. Or register here, for free.