Burp Suite User Forum

Login to post

Scan POST Parameter with REST API

Tobias | Last updated: Nov 25, 2019 08:57PM UTC

Hi, I am currently testing the REST API of the Burpsuite Pro and trying to scan POST parameters. The scan starts but only the GET requests to the URL I entered in the scope are scanned. The POST request with parameters is in the Traget list. What do I have to set to scan the POST parameters as well? Greetz Tobi

Michelle, PortSwigger Agent | Last updated: Nov 26, 2019 09:40AM UTC

Hi To start with, I’d check the details of the API command Do the scope and crawl settings encompass the pages that contain the post request you’re interested in? With the crawl settings, it's worth checking what crawl optimization and crawl limits are being used. Is the target you’re scanning a REST API? If there's any specific configurations you want to share with us directly you can also contact us via email (support@portswigger.net)

You need to Log in to post a reply. Or register here, for free.