Getting Started with Burp Suite
Burp Suite Documentation
Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.
| Burp Suite Professional and Community editions | Burp Suite Enterprise Edition |
| Burp Scanner | Burp Collaborator |
| Burp Infiltrator | Full Documentation Contents |
Burp Extender
Burp Extender lets you extend the functionality of Burp Suite in numerous ways.
Extensions can be written in Java, Python or Ruby.
| API documentation | Writing your first Burp Suite extension |
| Sample extensions | View community discussions about Extensibility |
Scanning a site with basic authorization (Burp suite enterprise Rest API)
Hello. I want to scan sites where basic authorization is installed. What tokens can I use in building a curl request for basic authorization?
curl -vgw "\n" -X POST 'http://burp.link.to.rest.api/v0.1/scan' -d '{ (???basic auth???) "scan_configurations":[{"name":"Audit checks - all except Java .......
Thank You!
Regards.
Have you tried setting and saving Burp’s platform authentication settings to a User options configuration file:
- https://support.portswigger.net/customer/portal/articles/2927576-configuring-ntlm-with-burp-suite
Then loading the config file when you start Burp:
- https://support.portswigger.net/customer/portal/articles/2928360-using-burp-s-command-line-arguments
Than You!
Kind regards.
You need to export the working custom configuration then add it to your command using the toolkit. We’ve sent a screenshot to your email.
Hi Andrii,
Thanks for following up. 401 means “unauthorized” so indicates there’s some problem with the API token you used.
To use the Burp Enterprise REST API you need to create a user in the Team screen, with an API key and appropriate permissions. When you do this, you get a popup dialog with the API URL to use. We will email you a screenshot of this.