Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

How do I configure the scan using the Generic CI Driver?

Vasant | Last updated: Jan 07, 2019 09:46PM UTC

Team, I am using the Burp Enterprise edition and need assistance with using the Burp generic CI driver. Can you help me with the syntax to initiate the new scan in the CI using Generic CI driver? I have the burp generic CI driver installed on the build server. Came across the below command on one of your blogs. However, can you please help me how to pass the other parameters like the URL to be scanned, the credentials needs to be passed, scan configuration, scan name etc? java -jar burp-ci-driver-v1.0.5beta.jar http://localhost:8080/api/api-key I did use the --help flag to see the available options, but could not understand how to input the scan-definition, named-scan-configuration, custom-scan-configuration. Your help is very much appreciated.

PortSwigger Agent | Last updated: Jan 09, 2019 02:44PM UTC

In the "CI Driver download":https://portswigger.net/burp/extender/ci-integration there is a readme.txt with useful information. You need to create an Enterprise user with an API key. You can then access the API query builder: http://<server>:<port>/api/<api-key> In the API query builder you can configure details like the scan name, credentials, configurations, etc. The query builder generates a curl request containing JSON configuration. Copy the JSON and save it as myscan.json You can then run CI driver like this: bc. echo "BURP_SCAN_URL = http://foobar.com/path/" | java -jar burp-ci-driver-v1.0.5beta.jar --scan-definition=myscan.json <api-url>

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.