Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp scan not getting started using headless mode

Meghana | Last updated: May 28, 2019 09:51AM UTC

Hi, I'm trying to automate burp scanning for iOS mobile apps. Tried the below command java -Djava.awt.headless=true -Xmx1g -jar /path/to/burp.jar --project-file=filename1.burp After using the above command the Proxy service is getting started but the scan is not happening. Can you please help me where I'm going wrong and what needs to be done.

Liam, PortSwigger Agent | Last updated: May 28, 2019 03:21PM UTC

Do you encounter any error messages? Have you changed the command to give the actual path to Burp?

Burp User | Last updated: May 29, 2019 07:56AM UTC

Yes I have changed that path to actual burp.jar file path. I'm receiving an error message saying: Extender: Headless Burp: Arguments to headless burp: Extender: Headless Burp: No arguments found for Headless Burp, quitting Then tried passing a config file which also lead me to the below error: Invalid JSON configuration found at: >>>> < <<<< ? xml version = "1.0" encoding "UTF-8" ? > < config > So can you let me know is a config file mandatory to run a burp scan in headless mode, if mandatory can you please suggest a sample config file and which format do we need to use(xml/JSON).

Liam, PortSwigger Agent | Last updated: May 29, 2019 08:15AM UTC

Meghana, we'd recomend using the Burp API to perform this functionality: - https://portswigger.net/blog/burps-new-rest-api If you do want to use the Headless Burp extension, instructions and a sample config file are available on their Github page: - https://github.com/portswigger/headless-burp Please let us know if you need any further assistance.

Burp User | Last updated: Jun 03, 2019 09:25AM UTC

Thank you for your response. I have tried Headless extension of Burp and using the below command java -Xmx1G -Djava.awt.headless=true \ -classpath burpsuite.jar burp.StartBurp \ --unpause-spider-and-scanner \ --project-file=project.burp -c config.xml Now I'm not receiving any error but the same, Proxy service is getting started and Extender: Headless Burp: Arguments to headless burp: -c config.xml there is no response after the above line, how to know whether the scan is started or not or is there any issue. Kindly help me to resolve this, if not guide me where can I get support for Headless Burp extension.

Liam, PortSwigger Agent | Last updated: Jun 03, 2019 01:16PM UTC

Meghana, extensions are developed by third party developers. We'd recommend contacting the authors of the extension: - https://github.com/portswigger/headless-burp If I can be of any further assistance, please let me know.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.