Scan POST Parameter with REST API
I am currently testing the REST API of the Burpsuite Pro and trying to scan POST parameters.
The scan starts but only the GET requests to the URL I entered in the scope are scanned.
The POST request with parameters is in the Traget list.
What do I have to set to scan the POST parameters as well?
To start with, I’d check the details of the API command
Do the scope and crawl settings encompass the pages that contain the post request you’re interested in? With the crawl settings, it’s worth checking what crawl optimization and crawl limits are being used.
Is the target you’re scanning a REST API?
If there’s any specific configurations you want to share with us directly you can also contact us via email (firstname.lastname@example.org)