Login
    Contents x
    Burp Suite
    • 24 Mar 2022
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Burp Suite

    • Updated on 24 Mar 2022
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Burp Suite is a penetration testing and vulnerability finder tool often used for checking web application security.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices

    Parameters

    1. Host Name or IP Address (required, default: empty) - The hostname or IP address of the Burp Suite server.

    2. API Key (required, default: empty) - An API Key associated with a user account that has permissions to fetch assets.

    3. Verify SSL (required, default: False) - Choose whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

    4. HTTPS Proxy (optional, default: empty) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    5. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

      • When supplied, Axonius authenticates with this value when connecting to the value supplied in HTTPS Proxy.
      • When not supplied, Axonius does not perform authentication when connecting to the value supplied in HTTPS Proxy.

    6. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the server using the HTTPS Proxy.

    7. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    Burp_Suite


    APIs

    Axonius uses the Burp Suite Enterprise Edition GraphQL API.

    Accessing the API requires creating an API user in the Burp Suite Enterprise Edition. This will generate an API key that you can use to authenticate any requests that you send to the API.


    To obtain an API key:

    1. Log in to the Burp Suite Enterprise Edition web UI as an administrator.
    2. From the Burger menu, navigate to the Team page.
    3. On the Users tab, select New user.
    4. Enter a name and username that will help you subsequently identify the user, such as "GraphQL API User".
    5. Enter an email address, such as the email address of the admin user.
    6. Select the API key login type.
    7. Save your changes.
    8. When prompted, copy your new API key and save it to a secure location.

    Required Permissions

    The value supplied in API Key must be associated with credentials that have permissions to fetch assets.

    Version Matrix

    This adapter was only tested with the versions marked as supported, but may work with other versions. Contact Axonius Support if you have a version that is not listed, which is not functioning as expected.

    VersionSupportedNotes
    Burp Suite Enterprise Edition 2022.1Yes

    Supported From Version

    Supported from Axonius version 4.5

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout