Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Report wasn't generated after scan finished #17

Open
IgorSasovets opened this issue Apr 1, 2019 · 10 comments
Open

Report wasn't generated after scan finished #17

IgorSasovets opened this issue Apr 1, 2019 · 10 comments

Comments

@IgorSasovets
Copy link

Hi, team! I faced with next issue: after headless-burp-scanner finished its work and terminated there wasn't generated report in project folder. Scan which had 17 urls in scope took approximately 6 hours to complete. I reviewed generated Burp project file in UI mode and didn't find any errors, all tasks were completed. What could go wrong in this case? Thanks in advance!
@IgorSasovets
Copy link
Author

Here is my config file:

<?xml version="1.0" encoding="UTF-8"?>
<config>
  <reportType>HTML</reportType>
  <targetSitemap><![CDATA[http://localhost:5000/api/]]></targetSitemap>
  <scope>
<url><![CDATA[http://localhost:5000/api/auth/]]></url>
<url><![CDATA[http://localhost:5000]]></url>
<url><![CDATA[http://localhost:5000/api]]></url>
<url><![CDATA[http://localhost:5000/api/account]]></url>
<url><![CDATA[http://localhost:5000/api/account/accept]]></url>
  </scope>
</config>

@0xm4ud
Copy link

0xm4ud commented Dec 19, 2019

@IgorSasovets have you manage to find a fix, bud ?

@IgorSasovets
Copy link
Author

Hi, @m4udSec ! Unfortunately, no. I was forced to use BurpSuite REST API because after upgrade to the latest BurpSuite Pro version scan didn't start at all.

@Anurag599
Copy link

Hi @IgorSasovets are you able to generate report through BurpSuite Rest API? if yes, can you please help me how to do it?

@IgorSasovets
Copy link
Author

Hello @Anurag599 , unfortunately no. I managed to achieve my goals using burp-rest-api tool. So far, it works well with the latest versions of Burp Suite

@gabriel-cardoso-dev
Copy link

Hello, @IgorSasovets. Can't you generate a report with burp-rest-api either? I'm making a project where I'm supposed to send an xml report from Burp to DefectDojo, a tool that would store and do the management of the vulnerabilities, but it seems to be impossible to generate a report with headless burp.

@Anurag599
Copy link

Hello @IgorSasovets , How are you able to generate report using burp-rest-api? It would be great help if you share some sort of solution.

@IgorSasovets
Copy link
Author

@gabriel-cardoso-dev , @Anurag599 , in order to generate report using burp-rest-api tool you should do the following (I assume that at the moment of generating report active scan is done and your target domain name was added to scope):

curl -X GET "http://localhost:8090/burp/report?reportType=HTML&urlPrefix=http%3A%2F%2Fexample.com"

where http%3A%2F%2Fexample.com represents the tested application URL.
More details about the allowed APIs can be reviewed in the documentation.

@gabriel-cardoso-dev
Copy link

Thank you very much @IgorSasovets , I'll try it out!

@Anurag599
Copy link

Thanks a lot @IgorSasovets, I tried and it is working perfectly fine.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@IgorSasovets @gabriel-cardoso-dev @0xm4ud @Anurag599