Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Generating HTML Report When burp has been executed from commandline and doing live passive scan

Nishant | Last updated: Apr 05, 2018 09:57AM UTC

My requirement is to do a passive scan (command line) while my Selenium Functional UI tests are been executed and post execution Generate an HTML Report of all the Issues encountered. Following steps I have managed to do:- 1) Launch Burp suite in commandline with desired proxy port and desired config 2) Execute Selenium Tests at the desired proxy Need help on:- 3) After my selenium tests are executed, generate an HTML report of all the issues encountered through Command Line Is there any way point 3 can be achieved? Thanks in Advance, Nishant Shah

PortSwigger Agent | Last updated: Apr 05, 2018 10:06AM UTC

Hi Nishant, Thanks for your message. It is possible to do this with Burp using a third-party extension. Be aware that it's not core functionality and you're likely to encounter a few issues getting it working. The extension is here: - https://github.com/vmware/burp-rest-api It provides a REST API that you can access from a script that you run once the Selenium tests are completed. Please let us know if you need any further assistance.

Deven | Last updated: Nov 30, 2022 12:16PM UTC

Hi, I wanted to follow up on this if this has been solved with burp functionalities as I'm able to extract the active scan report via command line but there seems to be no solution to extract it for passive scan reports. Were you able to achieve it using the above plugin or the burpsuite has some other functionalities to achieve that. I'm using Burp Professional, thanks

Ben, PortSwigger Agent | Last updated: Dec 01, 2022 08:35AM UTC

Hi Deven, Burp Professional/Community have been designed to be used with the UI - the functionality available through the command line is extremely limited and, whilst there is a native REST API, again the functionality available through this is also fairly limited. Are you able to clarify what method you are using to generate a report via the command line?

Ngoc | Last updated: Apr 17, 2023 03:53AM UTC

Hi Nishant, I am doing exactly what you have done, install burp automatically with config files, run proxy and tester execute test through my burp pro, but i am facing some problem, please let me know email. Thanks Ngoc

Ben, PortSwigger Agent | Last updated: Apr 17, 2023 08:08AM UTC

Hi Ngoc, To confirm, there is no native way of obtaining a vulnerability through Burp without using the UI.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.