class documentation

class BurpCommander(ApiBase):

Interface for the official Burp Suite REST API, based on the Ruby code burpcommander.

Parameters
proxy_url
api_port: Defaults to 1337
api_key

Method active_scan: Send a URL to Burp to perform an active scan. Unlike BurpRestApiClient.active_scan, this method accepts a username/password for authenticated scans.
Method scan_details: Get the scan details: Status, Metrics, Issues etc.
Method scan_metrics: Get the metrics of a specific scan ID
Method scan_status: Get the status of a specific scan ID
Method verify_uri: No summary
Constant PARAMS: Undocumented
Instance Variable api_key: Undocumented
Instance Variable api_port: Undocumented
Instance Variable proxy_url: Undocumented
Property proxy_uri: Undocumented
Instance Variable _logger: Undocumented

Inherited from ApiBase:

Method request: No summary
Method _api_request: Undocumented
Method _serialize_request_kwargs: Undocumented

def active_scan(self, *base_urls: str, username: Optional[str] = None, password: Optional[str] = None, excluded_urls: Optional[List[str]] = None, config_names: Optional[List[str]] = None, config_json: Optional[List[str]] = None) -> str:

Send a URL to Burp to perform an active scan. Unlike BurpRestApiClient.active_scan, this method accepts a username/password for authenticated scans.

Parameters
*base_urls: str - Undocumented
username: Optional[str] - Username for authenticated scan.
password: Optional[str] - Password for authenticated scan.
excluded_urls: Optional[List[str]] - List of URLs to exclude from the scope.
config_names: Optional[List[str]] - Apply list of configuration names.
config_json: Optional[List[str]] - Apply list of JSON string of configurations exported from Burp.
base_url - URLs to scan.

Returns
str - The scan ID if it was successfully launched

def scan_details(self, task_id: str) -> Dict[str, Any]:

Get the scan details: Status, Metrics, Issues etc.

def scan_metrics(self, task_id: str) -> Dict[str, Any]:

Get the metrics of a specific scan ID

def scan_status(self, task_id: str) -> str:

Get the status of a specific scan ID

def verify_uri(self):

Raises
BurpaError - If it cannot connect to the official Burp REST API.

PARAMS =

Undocumented

Value
{'active_scan': ('post',
                 '/scan',
                 Template('''{ 
                            "urls" : $base_urls,
                            "scope": {
                                    "include": [{"rule": "$include_url", "type":
"SimpleScopeDef"}],
                                    "exclude": $exclude_rules
                                },
                            "scan_configurations": $scan_configurations
                            }
                            ''')),
 'active_scan_with_auth': ('post',
                           '/scan',
                           Template('''
                            {
                                "urls" : $base_urls,
                                "scope": {
                                    "include": [{"rule": "$include_url", "type":
"SimpleScopeDef"}],
                                    "exclude": $exclude_rules
                                },
                                "application_logins": [{
                                    "password": "$password",
                                    "username": "$username"
                                    }],
                                "scan_configurations": $scan_configurations
                            }
                            ''')),
 'scan_details': ('get', Template('/scan/$task_id'), None),
 'docs': ('get', '/', None)}
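
Added example (not burpa's own code): rendering the 'active_scan_with_auth' body template shown above so that credentials containing quotes, backslashes or `$` still produce valid JSON. The helper names, the choice of the first base URL for `$include_url`, and the shapes of the exclude and configuration entries are assumptions made for illustration.

```python
import json
from string import Template

# Body template copied from the 'active_scan_with_auth' entry of PARAMS.
AUTH_SCAN_BODY = Template('''
{
    "urls" : $base_urls,
    "scope": {
        "include": [{"rule": "$include_url", "type": "SimpleScopeDef"}],
        "exclude": $exclude_rules
    },
    "application_logins": [{
        "password": "$password",
        "username": "$username"
        }],
    "scan_configurations": $scan_configurations
}
''')


def _quoted(value: str) -> str:
    """JSON-escape a string for a placeholder the template already wraps in quotes."""
    return json.dumps(value)[1:-1]


def render_auth_scan_body(base_urls, username, password,
                          excluded_urls=(), config_names=()):
    """Hypothetical helper: fill the template and return the parsed request body."""
    text = AUTH_SCAN_BODY.substitute(
        # Bare placeholders ($base_urls, ...) take complete JSON values.
        base_urls=json.dumps(list(base_urls)),
        exclude_rules=json.dumps(  # assumed to mirror the include rule shape
            [{"rule": u, "type": "SimpleScopeDef"} for u in excluded_urls]),
        scan_configurations=json.dumps(  # assumed entry shape
            [{"name": n, "type": "NamedConfiguration"} for n in config_names]),
        # Quoted placeholders ("$password", ...) take escaped string contents only.
        include_url=_quoted(base_urls[0]),  # assumption: scope is the first URL
        username=_quoted(username),
        password=_quoted(password),
    )
    # Parsing the result fails loudly if the rendered text is not valid JSON.
    return json.loads(text)
```

The returned dictionary holds the scan credentials in clear text, so keep it out of debug logs.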
api_key: Optional[str] =

Undocumented

api_port: str =

Undocumented

proxy_url: str =

Undocumented