Burpsuite Professional Integration

xer0dayz edited this page Nov 3, 2021 · 2 revisions

To enable automated Burpsuite scans via Sn1per, you must have Burpsuite Professional 2020.x or newer running, with the following configuration under User options > Misc > REST API:

  • REST API service enabled on port 1338/tcp (localhost)
  • Allow access without API key enabled

To set a custom Burpsuite host and port, edit your /root/.sniper.conf file with the following values:

# BURP 2.0 SCANNER CONFIG
BURP_HOST="127.0.0.1"
BURP_PORT="1338"

# ACTIVE WEB PLUGINS
BURP_SCAN="1"

After setting up Burpsuite, run "webscan" or "masswebscan" mode to start an automated Burpsuite scan against a defined target (e.g. sniper -t website.com -m webscan -w website.com).
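Because the REST API is configured to accept requests without an API key, it is worth confirming before a scan that BURP_HOST is a loopback address and that the port is really bound to loopback. The script below is an added example, not part of Sn1per: its function names are hypothetical, and it assumes a Linux host with ss available.

```shell
#!/bin/sh
# Added example (not Sn1per code): sanity-check the Burp REST API settings.
# All function names here are hypothetical.

# Print KEY's value from FILE (last assignment wins) without sourcing the
# file, so nothing inside it is executed.
conf_get() {
    sed -n "s/^[[:space:]]*$2=\"\{0,1\}\([^\"#[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# True for localhost, ::1 and dotted-quad addresses in 127.0.0.0/8.
is_loopback() {
    case "$1" in localhost|::1) return 0 ;; esac
    printf '%s\n' "$1" | grep -Eq '^127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'
}

# Read `ss -ltn` output on stdin and print how PORT is bound:
# "loopback", "exposed" (any non-loopback bind) or "none".
listener_scope() {
    awk -v p="$1" 'BEGIN { r = "none" }
        $1 == "LISTEN" && $4 ~ (":" p "$") {
            a = $4; sub(/:[0-9]+$/, "", a); gsub(/\[|\]/, "", a); sub(/^::ffff:/, "", a)
            if (a ~ /^127\./ || a == "::1") { if (r == "none") r = "loopback" } else r = "exposed"
        }
        END { print r }'
}

# Return 0 if scanning is on and BURP_HOST is loopback, 1 if the keyless
# API is addressed over a non-loopback host, 2 if settings are off/missing.
check_burp_conf() {
    host=$(conf_get "$1" BURP_HOST)
    port=$(conf_get "$1" BURP_PORT)
    scan=$(conf_get "$1" BURP_SCAN)
    if [ "$scan" != "1" ] || [ -z "$host" ] || [ -z "$port" ]; then
        echo "burp: BURP_SCAN is not 1, or BURP_HOST/BURP_PORT not set in $1"
        return 2
    fi
    if ! is_loopback "$host"; then
        echo "burp: $host:$port is not loopback; the API accepts requests without a key"
        return 1
    fi
    echo "burp: config ok ($host:$port)"
}

# Usage: sh check_burp.sh /root/.sniper.conf   (also prints the live bind)
if [ $# -gt 0 ]; then
    check_burp_conf "$1" && ss -ltn | listener_scope "$(conf_get "$1" BURP_PORT)"
fi
```

A result of "exposed" means the listener is reachable from other hosts and the keyless setting should not be used until the bind address is changed back to loopback.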