Burp Automation: Performing automated scan using Burp Suite Pro

by do son · August 27, 2021

Burp Automation

Performing automated scan using Burp Suite Pro & Vmware Burp Rest API with Robot Framework using Python3. It can be also used in Jenkins to perform automated UI tests. This will initiate an automated spider and crawler by leveraging the power of the Burp Scanner along with the burp extender. Once the scan is complete the report is generated in HTML & CSV which is automatically uploaded in the GDrive Folder.

What it does

One-click run using bash installs all the dependencies with verbose prerequisites.
Uses python3 and robot framework which is easy to automate.
Uses Burp Suite Rest API and runs Burp Suite Professional (pre-activated) in the headless mode along with multiple Burp Suite extensions like additional-scanner-checks, BurpJSLinkFinder, and active-scan-plus-plus.
Automatically performs pentest of API/Web endpoint including scope addition and deletion using robot script.
Automatically upload reports in CSV & HTML into Google Drive in YYYY-MM-DD format.
Slack integration for real-time alerts.