Interface Scanner

public interface Scanner

[Professional only] Provides access to the functionality of the Scanner tool.

Method Summary

Modifier and Type	Method	Description
BChecks	bChecks()	Access functionality related to BChecks.
void	generateReport(List<AuditIssue> issues, ReportFormat format, Path path)	Generate a report for the specified Scanner issues.
Registration	registerActiveScanCheck(ActiveScanCheck activeScanCheck, ScanCheckType scanCheckType)	Register a custom active scan check.
Registration	registerAuditIssueHandler(AuditIssueHandler auditIssueHandler)	Register a handler which will be notified of new audit issues that are reported by the Scanner tool.
Registration	registerInsertionPointProvider(AuditInsertionPointProvider insertionPointProvider)	Register a provider of Scanner insertion points.
Registration	registerPassiveScanCheck(PassiveScanCheck passiveScanCheck, ScanCheckType scanCheckType)	Register a custom passive scan check.
Registration	registerScanCheck(ScanCheck scanCheck)	Deprecated. This method has been superseded by registerActiveScanCheck(ActiveScanCheck, ScanCheckType) and registerPassiveScanCheck(PassiveScanCheck, ScanCheckType).
Audit	startAudit(AuditConfiguration auditConfiguration)	This method can be used to start an audit in the Burp Scanner tool.
Crawl	startCrawl(CrawlConfiguration crawlConfiguration)	This method can be used to start a crawl in the Burp Scanner tool.

Method Details

registerActiveScanCheck

Registration registerActiveScanCheck(ActiveScanCheck activeScanCheck,
 ScanCheckType scanCheckType)

Register a custom active scan check. During scanning, Burp will invoke this check on the base request, and report any identified issues.

Parameters:

activeScanCheck - An object created by the extension that implements the ActiveScanCheck interface.

scanCheckType - A ScanCheckType object. This specifies the point a scan check is invoked by the scanner.

Returns:

The Registration for the check.

registerPassiveScanCheck

Registration registerPassiveScanCheck(PassiveScanCheck passiveScanCheck,
 ScanCheckType scanCheckType)

Register a custom passive scan check. During scanning, Burp will invoke this check on the base request, and report any identified issues.

Parameters:

passiveScanCheck - An object created by the extension that implements the PassiveScanCheck interface.

scanCheckType - A ScanCheckType object. This specifies the point a scan check is invoked by the scanner.

Returns:

The Registration for the check.

Throws:

IllegalArgumentException - if the specified ScanCheckType is not applicable to passive scan checks (See ScanCheckType).

registerAuditIssueHandler

Registration registerAuditIssueHandler(AuditIssueHandler auditIssueHandler)

Register a handler which will be notified of new audit issues that are reported by the Scanner tool. Extensions can perform custom analysis or logging of audit issues by registering an audit issue handler.

Parameters:

auditIssueHandler - An object created by the extension that implements the AuditIssueHandler interface.

Returns:

The Registration for the handler.

registerScanCheck

@Deprecated
Registration registerScanCheck(ScanCheck scanCheck)

Deprecated.

This method has been superseded by registerActiveScanCheck(ActiveScanCheck, ScanCheckType) and registerPassiveScanCheck(PassiveScanCheck, ScanCheckType).

Register a custom Scanner check. When performing scanning, Burp will ask the check to perform active or passive scanning on the base request, and report any Scanner issues that are identified.

Parameters:

scanCheck - An object created by the extension that implements the ScanCheck interface.

Returns:

The Registration for the check.

registerInsertionPointProvider

Registration registerInsertionPointProvider(AuditInsertionPointProvider insertionPointProvider)

Register a provider of Scanner insertion points. For each base request that is actively scanned, Burp will ask the provider to provide any custom Scanner insertion points that are appropriate for the request.

Parameters:

insertionPointProvider - An object created by the extension that implements the AuditInsertionPointProvider interface.

Returns:

The Registration for the provider.

startCrawl

Crawl startCrawl(CrawlConfiguration crawlConfiguration)

This method can be used to start a crawl in the Burp Scanner tool.

Returns:

The Crawl started in the Burp Scanner tool.

startAudit

Audit startAudit(AuditConfiguration auditConfiguration)

This method can be used to start an audit in the Burp Scanner tool.

Returns:

The Audit started in the Burp Scanner tool.

generateReport

void generateReport(List<AuditIssue> issues,
 ReportFormat format,
 Path path)

Generate a report for the specified Scanner issues. The report format can be specified. For all other reporting options, the default settings that appear in the reporting UI wizard are used.

Parameters:

issues - The AuditIssues issues to be reported.

format - The ReportFormat to be used in the report.

path - The Path to the file that will be saved.

bChecks

BChecks bChecks()

Access functionality related to BChecks.

Returns:

An implementation of the BChecks interface which exposes BChecks functionality.