Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Active scanning sorting features and insertion points fine control.

Thomas Lentz Apr 24, 2018 04:58PM UTC


With the aim of automating Burp scan in a development cycle, I wish to get the proxy history of a specific Burp project and launch an active scan on each items.

To do so I was wondering if you would make the "remove duplicates" function available in the API (the same as in the menu when launching active scan on a bulk of items) ?

Secondly, is there a way to have more fine control on the insertion points that active scan will select ? More specifically, is there a possibility to whitelist certain parameters (cookies or else) ?

Thank you,

Paul Johnston Apr 30, 2018 10:06AM UTC Support Center agent

Hi Thomas,

Thanks for getting in touch.

We’ll have a discussion about making exposing the Active Scan Wizard to the extension API. This is an area that is going to change significantly in future versions of Burp, so we won’t look at the API until after that is done. In the meantime, you would need to reimplement this in your own code. The logic is not actually that complex. If you want some help, let me know.

There’s quite a lot you can do around insertion points, both manually and from an extension. In Intruder, if you define positions, you can choose “Actively scan defined insertion points” from the context menu. There’s a version of doActiveScan that provides similar control. You can also register an IScannerInsertionPointProvider and this API provides a bit more control that simply specifying payload offsets, e.g. you can do encoding. The Scanner options let you turn on and off certain insertion points, such as “URL parameter values” and you can control this config from an extension using callbacks.loadConfigFromJson().

Please let us know if you need any further assistance.

Post Your public answer

Your name
Your email address