In order to initiate a burp scan on a target you will have to configure your burp credentials first. More about how to configure burp credentials here.
Usage Flow Instructions
- Once you have configured your credentials, navigate to ‘Dynamic Application Scanners’ under ‘Connectors’ and click on Burp Suite REST API.
You will be prompted to enter your configuration details.
- Enter a ‘Configuration Name’ and select your ‘Burpsuite Credential’.
- Select a ‘Baseline’ to log the vulnerabilities and click on ‘Next’.
- Now select an ‘Asset’ against which you want the vulnerabilities to get populated and enter your targets in the ‘Batch Target’.
- Select the frequency of scheduling the config scan and click on ‘Next’.
- Select any Tracking & Notification tool configurations if needed and click on Submit.
- The configuration is now created for you.
- Now click on ‘New Scan’ and you will be prompted to enter the URL of the target on which you want to run the Burp Scan.
- Enter the URL and click on ‘Scan’.
Note : Only the URL entered in this step will be scanned.
- The scan will get initiated and once the scan is done the results will get populated against the Asset which you have chosen.