tristanlatr / burpa Goto Github PK

Hey!

Is there an option to scan POST requests? Couldn't find it in the docs

Thanks!

Currently, it's only part of the "burpa shedule" command.

The issue is that if one submit a list of 300 urls to the "burpa scan" command, 300 scans will be triggered right from the start, potentially using a lot of the Burp Suite Server resource.

It's probably not a big deal since Burp Suite should be able to handle such bulk requests, on the other hand, having the option on the "burpa scan" command is not a lot of extra work.

It would quite simple to add --recorded-login-label <string> and --recorded-login-script <string or path> that fills the following active scan params:

{
""application_logins":"[
  {
    "label": String,
    "script": String
  }]
}

All scans are started at the same time, as soon as it's inside the right time window.

If I scan https://foo/bar/baz burpa will add https://foo/bar/ to the target scope. However, if the redirect is to https://foo/ this will be out of scope.

I did not see an easy way to update the target scope. The best I could find is using _ names (eg _api) to try to force it. This does not seem to be a good way to do this.

Is this a feature that needs to be added? If so I can do that, but if there is already a way (either with a JSON config or via a call) I would rather use that.

See vmware/burp-rest-api#125

This new features should politely fail if burp-rest-api is not updated to the latest version yet.

This CSV should at least include:

• Host
• Path
• Vulnerability name
• Severity
• Confidence
• CWE Classification

Maybe the CSV can be created from the XML report.

Hi,

How to install burpa in Windows OS machine.

Python & Pip version supported ?

burp-rest-api docs:

--apikey= : Enables API key authentication to protect APIs at /burp/*. The customApiKey, if passed as an argument, must be included in every HTTP request as an additional header: "API-KEY: ".

I'll create a new burpa argument: --api-key

Hi @tristanlatr,

Do we have burpa command to initiate active scan the URLs from Target sitemap in-scope URL specified. Can we have authenticated scan from session handling rules.

Hi,

After updating my Burp Suite JAR file to v2023.7.2, I noticed that none of my scans were returning any reports following the update. I did some testing, and it looks like something has changed in the latest Burp Suite release that breaks Burpa. Every scan that I perform shows the proper logging in the Burp Suite interface itself (with headless mode disabled), but none of these errors reach the Burpa console log.

As a result, each scan ends with the message "No issue could be found for the target http://..." and doesn't output anything to the folder that I have specified the reports to be saved to. I can't tell if this is an issue with Burpa or one of the other APIs that it's using to generate reports. If you could please look into this, I would really appreciate it! Additionally, if you need help reproducing the issue, I'd be happy to assist.

Thanks in advance for your help!

It would be nice to be able to get the report_file_name from Burpa rather than trying to guess which file it is. This is especially helpful with automated scanning and post-processing after the scan (for example when using XML).