Burp Suite User Forum

Start Active Scan through Extension

Michael | Last updated: Jan 02, 2018 11:47PM UTC

I'm trying to write an extension that starts an Active Scan of a spider crawled URL. Is this possible? I tried calling the doActiveScan method in the registerExtenderCallbacks method, but it doesn't seem to start an Active Scan. In the UI, I would right click the URL in Target -> Site map and select "Actively scan this host". I wanted to automate that with an extension but can't seem to figure it out looking through the API.

PortSwigger Agent | Last updated: Jan 03, 2018 09:08AM UTC

Hi Michael, Thanks for your message. doActiveScan() is the API call to start an Active Scan. However, if the Scanner is paused, the user will need to un-pause it in the GUI before the scan will start. This is an important safety precaution that makes sure the user remains in control of Scanner activity. Please let us know if you need any further assistance.

Burp User | Last updated: Jan 05, 2018 12:43AM UTC

I currently do not have anything in the scan queue because all scans have been completed. I want it to do a rescan of all the scanned URLs. In the UI when "Actively scan this host" is used it automatically adds back all the scanned URLs into the "Scan queue" tab. Calling doActiveScan() doesn't seem to do that. Am I missing something? doActiveScan seems to work only when I already have existing unscanned or in progress URLs in the scan queue.

PortSwigger Agent | Last updated: Jan 05, 2018 07:53AM UTC

Hi Michael, Sorry for the delay in replying. doActiveScan only creates a single scan item at a time - it can't scan a whole host/branch like you can from the UI. However, you can use callback.getSiteMap() to fetch a portion of the site map, and then call doActiveScan on each one. If you need some assistance with that just let me know.
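
The loop the reply describes, written out as an added example for the legacy Extender API that this thread uses (this is not the forum poster's code or PortSwigger's own): it fetches the site-map entries below a URL prefix with getSiteMap(), skips anything outside the user's configured scope and any URL already queued, and calls doActiveScan() once per remaining request. The prefix "https://example.com/" is an assumed placeholder; the queued items will still sit in the Scan queue until the Scanner is un-paused in the GUI, as noted above.

```java
package burp;

import java.net.URL;
import java.util.HashSet;
import java.util.Set;

// Added example, not code from the thread: queue an active scan for every
// site-map entry under a URL prefix, the way the PortSwigger reply describes.
// SITEMAP_PREFIX is an assumed placeholder; set it to the in-scope host.
public class BurpExtender implements IBurpExtender {
    private static final String SITEMAP_PREFIX = "https://example.com/"; // assumed value

    private IBurpExtenderCallbacks callbacks;
    private IExtensionHelpers helpers;

    @Override
    public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
        this.callbacks = callbacks;
        this.helpers = callbacks.getHelpers();
        callbacks.setExtensionName("Rescan site map (example)");

        int queued = queueActiveScans(SITEMAP_PREFIX);
        callbacks.printOutput("Queued " + queued + " active scan item(s) under " + SITEMAP_PREFIX);
    }

    // Fetches the site map for the prefix and calls doActiveScan once per unique,
    // in-scope URL. Returns the number of scan queue items created. Items run only
    // once the Scanner is un-paused in the GUI.
    int queueActiveScans(String prefix) {
        IHttpRequestResponse[] entries = callbacks.getSiteMap(prefix);
        Set<String> seen = new HashSet<>();
        int queued = 0;

        for (IHttpRequestResponse entry : entries) {
            byte[] request = entry.getRequest();
            if (request == null) {
                continue; // site-map entries without a stored request cannot be scanned
            }
            IHttpService service = entry.getHttpService();
            URL url = helpers.analyzeRequest(entry).getUrl();

            // Respect the user's target scope: never queue out-of-scope URLs.
            if (!callbacks.isInScope(url)) {
                continue;
            }
            // The site map often holds several responses for one URL; scan each URL once.
            if (!seen.add(url.toString())) {
                continue;
            }

            boolean useHttps = "https".equalsIgnoreCase(service.getProtocol());
            IScanQueueItem item = callbacks.doActiveScan(
                    service.getHost(), service.getPort(), useHttps, request);
            if (item != null) {
                queued++;
            }
        }
        return queued;
    }
}
```

Because registerExtenderCallbacks() runs when the extension is loaded, this version queues the scans immediately on load; in a real extension the call to queueActiveScans() would normally hang off a context-menu item or a button so the user decides when the rescan starts.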

Burp User | Last updated: Feb 09, 2018 01:19AM UTC

That was a big help. I looped through callback.getSiteMap() and called doActiveScan for each URL.