Automating web application scanning with Burp Suite

Burp Suite Professional has exposed an additional functionality for pen-testers in terms of its API. With the help of the Burp Suite Professional API, a tester can automatically invoke a scan and integrate their findings with other tools as well.

Burp suite currently offers API support with its licensed version (burp-suite professional). This is one of the utility that all cyber security professionals must have. I would recommended to get the licensed version of Burp Suite in order to get maximum out of this chapter.

Start Burp Suite and configure the API as follows:

Then, start the API and ...

Get Hands-On Penetration Testing with Python now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.