How do I configure the scan using the Generic CI Driver?
I am using the Burp Enterprise edition and need assistance with using the Burp generic CI driver.
Can you help me with the syntax to initiate the new scan in the CI using Generic CI driver? I have the burp generic CI driver installed on the build server.
Came across the below command on one of your blogs. However, can you please help me how to pass the other parameters like the URL to be scanned, the credentials needs to be passed, scan configuration, scan name etc?
java -jar burp-ci-driver-v1.0.5beta.jar http://localhost:8080/api/api-key
I did use the --help flag to see the available options, but could not understand how to input the scan-definition, named-scan-configuration, custom-scan-configuration.
Your help is very much appreciated.
In the CI Driver download there is a readme.txt with useful information.
You need to create an Enterprise user with an API key. You can then access the API query builder: http://<server>:<port>/api/<api-key>
In the API query builder you can configure details like the scan name, credentials, configurations, etc.
The query builder generates a curl request containing JSON configuration. Copy the JSON and save it as myscan.json
You can then run CI driver like this:
echo "BURP_SCAN_URL = http://foobar.com/path/" | java -jar burp-ci-driver-v1.0.5beta.jar --scan-definition=myscan.json <api-url>