This extension allows you to run Burp Suite’s Spider and Scanner tools in headless mode via the command-line. It can:
- Run burp scan in headless or GUI mode.
- Specify target sitemap and add URL(s) to Burp’s target scope.
- Use the seed request/response data saved in a project file, generated by any integration, functional or manual testing.
- Mark issues as false positives, these will not be reported in the scan report anymore.
- Spider the target scope.
- Actively scan the target scope.
- Generate a scan report in JUnit, HTML, or XML format. The JUnit report can be used to instruct the CI server to fail the build when vulnerabilities are found.
- Shut down Burp
For more detailed examples and the config file format, consult the extension’s Github repository.