Burp Suite Professional Integration
xer0dayz edited this page Nov 3, 2021 · 2 revisions
To enable automated Burp Suite scans via Sn1per, you must have Burp Suite Professional 2020.x or newer running with the following configuration under User options > Misc > REST API:
- REST API service enabled on port 1338/tcp (localhost)
- Allow access without API key enabled
To set a custom Burpsuite host and port, edit your /root/.sniper.conf file with the following values:
```
# BURP 2.0 SCANNER CONFIG
BURP_HOST="127.0.0.1"
BURP_PORT="1338"
# ACTIVE WEB PLUGINS
BURP_SCAN="1"
```
After setting up Burp Suite, you can run "webscan" mode or "masswebscan" mode to initiate an automated Burp Suite scan against a defined target (e.g. `sniper -t website.com -m webscan -w website.com`).
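A preflight check for the settings above, as an added example that is not part of Sn1per or this wiki page. Because the REST API is set to allow access without an API key, anything that can reach the port can use it, so the script rejects a `BURP_HOST` that is not loopback. The function names `conf_get` and `check_burp_conf` are hypothetical; only the three config keys and the config path come from the page.

```shell
#!/usr/bin/env bash
# Added example (not Sn1per code): validate the Burp settings in a Sn1per
# config file before running webscan/masswebscan.

# Print the last KEY="value" assignment from FILE without sourcing
# (executing) the file. Handles quoted and unquoted values.
conf_get() {  # usage: conf_get FILE KEY
  sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#]*\)\"\{0,1\}.*$/\1/p" "$1" \
    | sed 's/[[:space:]]*$//' | tail -n 1
}

# Return 0 if the Burp settings are usable and loopback-only, 1 otherwise.
check_burp_conf() {  # usage: check_burp_conf FILE
  local conf="$1" host port scan rc=0
  [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 1; }
  host=$(conf_get "$conf" BURP_HOST)
  port=$(conf_get "$conf" BURP_PORT)
  scan=$(conf_get "$conf" BURP_SCAN)

  # The REST API runs without an API key, so it must not be reachable
  # from other hosts. Only exact loopback names are accepted here.
  case "$host" in
    127.0.0.1|localhost|::1) ;;
    *) echo "BURP_HOST='$host' is not loopback" >&2; rc=1 ;;
  esac

  # The port must be a decimal number in the range 1-65535.
  case "$port" in
    ''|*[!0-9]*) echo "BURP_PORT='$port' is not numeric" >&2; rc=1 ;;
    *) if ! { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } 2>/dev/null; then
         echo "BURP_PORT='$port' is out of range" >&2; rc=1
       fi ;;
  esac

  # Burp scanning is only active when BURP_SCAN is 1.
  if [ "$scan" != "1" ]; then
    echo "BURP_SCAN='$scan': Burp scans are disabled" >&2; rc=1
  fi
  return "$rc"
}

# Run as: ./check_burp_conf.sh /root/.sniper.conf
if [ "$#" -gt 0 ]; then
  check_burp_conf "$1" && echo "Burp settings OK"
fi
```
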