1.Documentation
Umar Farook edited this page Dec 2, 2017 · 1 revision

- First, install the Burp REST API and generate the burp_rest_api jar file from Burp-rest-api (vmware).
- After installing the Pyburp-rest-api package, import it and write your Python script to automate Burp Suite in a Continuous Security Automation pipeline.

```python
# import pyburp-rest-api
from Burp_api import Burp_api
```

| Function | Description |
|---|---|
| start_burp | Runs the Burp API service as a background process |
| include_scope | Includes the specified URL in the Suite-wide scope |
| exclude_scope | Excludes the specified URL from the Suite-wide scope |
| check_scope | Queries whether a specific URL is within the current Suite-wide scope. Returns true if a URL is in scope |
| spider | Sends a seed URL to the Burp Spider tool. The baseUrl should be in Suite-wide scope for the Spider to run |
| active_scan | Scans through Burp Sitemap and sends all HTTP requests with url starting with baseUrl to Burp Scanner for active scan |
| delete_active_scan | Deletes the scan queue map from memory, not from the Burp Suite UI |
| scan_status | Returns an aggregate of percentage completed for all the scan queue items |
| issue_result | Returns all of the current scan issues for URLs matching the specified urlPrefix. Performs a simple case-sensitive text match, returning all scan issues whose URL begins with the given urlPrefix. Returns all issues if urlPrefix is null. |
| sitemap | Returns details of items in the Burp Suite site map. The urlPrefix parameter can be used to specify a URL prefix, in order to extract a specific subset of the site map. |
| generate_report | Generates a report in HTML and XML format after the active scan is completed |
| burp_config | Loads Burp Suite project-level configuration from the given JSON string |
| stop_burp | This will exit Burp Suite. Use with caution: the API will not work after this endpoint has been called. You have to restart Burp from the command line to re-enable the API. |

| Function | Parameter |
|---|---|
| start_burp | \*burp_api_jar_file, protocol (Default:http), host_ip (Default:127.0.0.1), port (Default:8090), headless_mode="true" (Default:true), \*java_home= (Example: '/opt/jdk' not full location '/opt/jdk/bin/java') |
| include_scope | \*url |
| exclude_scope | \*url |
| check_scope | \*url |
| spider | \*url |
| active_scan | \*url |
| delete_active_scan | \*url |
| scan_status | \*url |
| issue_result | \*url |
| sitemap | \*url |
| generate_report | \*url, \*report_name, \*formats (list), i.e. ['HTML', 'XML'] |
| burp_config | \*config, i.e. Burp config JSON file |
| stop_burp | no parameter |
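
The pipeline script mentioned above could sequence the listed functions as follows; this is an added example, not code from the pyburp-rest-api project. It assumes `burp` is an object that exposes the functions in the tables as methods and that Burp was already started with `start_burp`. It also assumes, since the page does not say, that `scan_status` returns a number from 0 to 100 and `issue_result` returns a list; `run_scan` and its timing parameters are hypothetical names.

```python
import time


def run_scan(burp, url, report_name, poll_seconds=30, timeout_seconds=3600,
             sleep=time.sleep, clock=time.monotonic):
    """Drive one scan of `url` through the functions listed in the tables.

    Assumptions (not stated on the page): scan_status returns a number from
    0 to 100 and issue_result returns a list of issues.
    """
    burp.include_scope(url)
    # Refuse to crawl or scan a target that did not end up in scope.
    if not burp.check_scope(url):
        raise RuntimeError("%s is not in the Suite-wide scope" % url)

    # The page does not say whether spider() returns before the crawl has
    # finished; add a wait here if it does not.
    burp.spider(url)
    burp.active_scan(url)

    # Poll the aggregate completion percentage with a hard deadline, so a
    # stuck scan fails the pipeline job instead of hanging it.
    deadline = clock() + timeout_seconds
    while True:
        percent = burp.scan_status(url)
        if percent >= 100:
            break
        if clock() >= deadline:
            raise TimeoutError("scan of %s stuck at %s%%" % (url, percent))
        sleep(poll_seconds)

    issues = burp.issue_result(url)
    burp.generate_report(url, report_name, ["HTML", "XML"])
    return issues
```

Call `stop_burp` only after the last target has been processed, since the API stays unavailable until Burp is restarted.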