class documentation

class BurpCommander(ApiBase):

Interface for the Burp Suite Official REST API, based on the Ruby burpcommander code.

Parameters
proxy_url
api_port: Defaults to 1337
api_key

Method active_scan Send a URL to Burp to perform an active scan. The difference from BurpRestApiClient.active_scan is that this method accepts username/password for authenticated scans.
Method scan_details Get the scan details: Status, Metrics, Issues etc.
Method scan_metrics Get the metrics of a specific scan ID
Method scan_status Get the status of a specific scan ID
Method verify_uri No summary
Constant PARAMS Undocumented
Instance Variable api_key Undocumented
Instance Variable api_port Undocumented
Instance Variable proxy_url Undocumented
Property proxy_uri Undocumented
Instance Variable _logger Undocumented

Inherited from ApiBase:

Method request No summary
Method _api_request Undocumented
Method _serialize_request_kwargs Undocumented

def active_scan(self, *base_urls: str, username: str | None = None, password: str | None = None, excluded_urls: list[str] | None = None, config_names: list[str] | None = None, config_json: list[str] | None = None) -> str:

Send a URL to Burp to perform an active scan. The difference from BurpRestApiClient.active_scan is that this method accepts username/password for authenticated scans.

Parameters
*base_urls (str): Undocumented
username (str | None): Username for authenticated scan.
password (str | None): Password for authenticated scan.
excluded_urls (list[str] | None): List of URLs to exclude from the scope.
config_names (list[str] | None): Apply a list of configuration names.
config_json (list[str] | None): Apply a list of JSON strings of configurations exported from Burp.
base_url: URLs to scan.

Returns
str: The scan ID if it was successfully launched

def scan_details(self, task_id: str) -> dict[str, Any]:

Get the scan details: Status, Metrics, Issues etc.

def scan_metrics(self, task_id: str) -> dict[str, Any]:

Get the metrics of a specific scan ID

def scan_status(self, task_id: str) -> str:

Get the status of a specific scan ID

def verify_uri(self):

Raises
BurpaError: If cannot connect to Burp Official REST API.

Constant PARAMS

Undocumented

Value
{'active_scan': ('post',
                 '/scan',
                 Template('''{ 
                            "urls" : $base_urls,
                            "scope": {
                                    "include": [{"rule": "$include_url", "type": "SimpleScopeDef"}],
                                    "exclude": $exclude_rules
                                },
                            "scan_configurations": $scan_configurations
                            }
                            ''')),
 'active_scan_with_auth': ('post',
                           '/scan',
                           Template('''
                            {
                                "urls" : $base_urls,
                                "scope": {
                                    "include": [{"rule": "$include_url", "type": "SimpleScopeDef"}],
                                    "exclude": $exclude_rules
                                },
                                "application_logins": [{
                                    "password": "$password",
                                    "username": "$username"
                                    }],
                                "scan_configurations": $scan_configurations
                            }
                            ''')),
 'scan_details': ('get', Template('/scan/$task_id'), None),
 'docs': ('get', '/', None)}
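
One way to fill the `active_scan_with_auth` template from PARAMS so that credentials containing quotes, backslashes or `$` still yield valid JSON. This is an added example, not the library's code: the page does not show how the library substitutes the placeholders, and `render_scan_body`, `quoted`, the sample values and the shapes used for `$exclude_rules` and `$scan_configurations` are assumptions.

```python
import json
from string import Template

# Template text copied from the 'active_scan_with_auth' entry of PARAMS above.
ACTIVE_SCAN_WITH_AUTH = Template('''
{
    "urls" : $base_urls,
    "scope": {
        "include": [{"rule": "$include_url", "type": "SimpleScopeDef"}],
        "exclude": $exclude_rules
    },
    "application_logins": [{
        "password": "$password",
        "username": "$username"
        }],
    "scan_configurations": $scan_configurations
}
''')


def quoted(value: str) -> str:
    """JSON-escape a string for a placeholder that already sits inside quotes."""
    return json.dumps(value)[1:-1]


def render_scan_body(base_urls, include_url, username, password,
                     excluded_urls=(), config_names=()):
    """Hypothetical helper: fill the template and return the parsed body."""
    rendered = ACTIVE_SCAN_WITH_AUTH.substitute(
        base_urls=json.dumps(list(base_urls)),
        include_url=quoted(include_url),
        # Assumed shapes for the list-valued placeholders (not shown on the page).
        exclude_rules=json.dumps(
            [{"rule": u, "type": "SimpleScopeDef"} for u in excluded_urls]),
        scan_configurations=json.dumps(
            [{"name": n, "type": "NamedConfiguration"} for n in config_names]),
        username=quoted(username),
        password=quoted(password),
    )
    # json.loads raises ValueError if any substituted value broke the document.
    return json.loads(rendered)


if __name__ == "__main__":
    # Constructed sample values; the password contains a quote, backslash and '$'.
    body = render_scan_body(["https://app.example.test/"],
                            "https://app.example.test/", "alice", 'p"a\\ss$1')
    print(json.dumps(body, indent=2))
```

Parsing the rendered text before sending it catches a malformed body locally instead of relying on the API to reject it.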
api_key: Optional[str]

Undocumented

api_port: str

Undocumented

proxy_url: str

Undocumented

_logger: Logger

Undocumented