Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Burp Suite Automation

Sreedhar Shenoy Oct 14, 2019 01:09PM UTC

Hi All

We are trying to automate to test various vulnerabilities like xpath injection,sql injection, Cross-site scripting etc.

We have referred the following link

We have tried through burp-rest-api as well as carbonator
The issue is that we are not able to select the individual scan types (xpath injection,sql injection, Cross-site scripting) .
Can you suggest if there is any way for this.

Also since we will be running the burp suite multiple times please confirm if there are any license issues

Liam Tai-Hogan Oct 14, 2019 01:19PM UTC Support Center agent

Sreedhar, which version of Burp are you using to perform your testing?

Sreedhar Shenoy Oct 14, 2019 05:24PM UTC
Burp Suite Professional 2.1.04

Liam Tai-Hogan Oct 15, 2019 07:49AM UTC Support Center agent

You can do this via the REST API:

Configure your scan configuration.

Save the file to the configuration library.

In the REST API toolkit, use the scan_configurations > Named Configuration property.

Sreedhar Shenoy Oct 30, 2019 11:14AM UTC
Hi is there any option through extensions like carbonator to scan for specific vulnerability like xpath injection, sql injection

Liam Tai-Hogan Oct 31, 2019 10:35AM UTC Support Center agent

Sreedhar, I don’t think there is an extension that will perform as you require.

Post Your public answer

Your name
Your email address