start_scan
Initiate vulnerability scans on target URLs using specified scan types (passive, active, full) via Burpsuite MCP Server to identify security issues.
Instructions
Start a new vulnerability scan on a target URL
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| scan_type | No | Type of scan to perform | |
| target | Yes | Target URL to scan (e.g., https://example.com) | |
Implementation Reference
- src/index.ts:490-530 (handler) The handler logic for the 'start_scan' tool. It extracts target URL and scan_type from arguments, validates target, generates a unique scan ID, initializes a mock Scan object, stores it in mockScans, sets a 5-second timeout to simulate scan completion by generating mock issues based on scan_type, and returns the scan_id and initial status.

  ```typescript
  case "start_scan": {
    // Default a missing target to "" so the check below fires
    // (String(undefined) would yield the truthy string "undefined").
    const target = String(request.params.arguments?.target ?? "");
    const scanType = String(request.params.arguments?.scan_type || "passive");

    if (!target) {
      throw new McpError(ErrorCode.InvalidParams, "Target URL is required");
    }

    // Parse the hostname up front: new URL() throws on an invalid target,
    // and an exception inside the timer callback would go uncaught.
    let hostname: string;
    try {
      hostname = new URL(target).hostname;
    } catch {
      throw new McpError(ErrorCode.InvalidParams, "Target must be a valid URL");
    }

    // Create a new scan
    const scanId = `scan-${Date.now()}`;
    const scan: Scan = {
      id: scanId,
      target,
      status: "running",
      startTime: new Date().toISOString(),
      progress: 0,
      issues: []
    };

    mockScans[scanId] = scan;

    // Simulate scan completion after a delay (in a real implementation, this would be async)
    setTimeout(() => {
      // Mock issue count depends on the scan type: passive 3, active 8, anything else 15
      const issueCount = scanType === "passive" ? 3 : scanType === "active" ? 8 : 15;
      mockScans[scanId].issues = generateMockIssues(hostname, issueCount);
      mockScans[scanId].status = "completed";
      mockScans[scanId].endTime = new Date().toISOString();
      mockScans[scanId].progress = 100;
    }, 5000);

    return {
      content: [{
        type: "text",
        text: JSON.stringify({
          scan_id: scanId,
          message: `Started ${scanType} scan on ${target}`,
          status: "running"
        }, null, 2)
      }]
    };
  }
  ```
- src/index.ts:385-399 (schema) Input schema definition for the 'start_scan' tool, specifying a required 'target' string and optional 'scan_type' enum.

  ```typescript
  inputSchema: {
    type: "object",
    properties: {
      target: {
        type: "string",
        description: "Target URL to scan (e.g., https://example.com)"
      },
      scan_type: {
        type: "string",
        enum: ["passive", "active", "full"],
        description: "Type of scan to perform"
      }
    },
    required: ["target"]
  }
  ```

- src/index.ts:382-400 (registration) The tool registration entry in the ListTools handler, including name, description, and input schema for 'start_scan'.

  ```typescript
  {
    name: "start_scan",
    description: "Start a new vulnerability scan on a target URL",
    inputSchema: {
      type: "object",
      properties: {
        target: {
          type: "string",
          description: "Target URL to scan (e.g., https://example.com)"
        },
        scan_type: {
          type: "string",
          enum: ["passive", "active", "full"],
          description: "Type of scan to perform"
        }
      },
      required: ["target"]
    }
  },
  ```
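
One way to validate the `target` and `scan_type` arguments before a scan is registered, written here as an added example and not taken from the project's code. `validateStartScan`, `ScanRequest` and the `allowedHosts` scope list are hypothetical names; the scope check assumes the operator keeps a list of hosts they are authorized to scan.

```typescript
// Added example: argument validation for a start_scan-style tool.
// validateStartScan, ScanRequest and allowedHosts are hypothetical, not the project's API.
const SCAN_TYPES = ["passive", "active", "full"] as const; // enum from the input schema
type ScanType = (typeof SCAN_TYPES)[number];

interface ScanRequest {
  target: string;   // normalized URL
  hostname: string; // lower-cased by the URL parser
  scanType: ScanType;
}

function validateStartScan(
  args: Record<string, unknown> | undefined,
  allowedHosts: readonly string[], // assumption: hosts the operator may scan
): ScanRequest {
  const raw = args?.target;
  // Test the raw value: String(undefined) is the truthy string "undefined".
  if (typeof raw !== "string" || raw.trim() === "") {
    throw new Error("target is required and must be a string");
  }
  let url: URL;
  try {
    url = new URL(raw.trim()); // throws on anything that is not an absolute URL
  } catch {
    throw new Error("target is not a valid absolute URL");
  }
  // Only web targets make sense for this tool; reject every other scheme.
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    throw new Error(`unsupported scheme ${url.protocol}`);
  }
  if (allowedHosts.indexOf(url.hostname) === -1) {
    throw new Error(`host ${url.hostname} is outside the authorized scope`);
  }
  // The schema marks scan_type optional; the handler defaults it to "passive".
  const rawType = args?.scan_type ?? "passive";
  if (typeof rawType !== "string" || SCAN_TYPES.indexOf(rawType as ScanType) === -1) {
    throw new Error("scan_type must be one of passive, active, full");
  }
  return { target: url.href, hostname: url.hostname, scanType: rawType as ScanType };
}
```

Rejecting an unknown `scan_type` matters because the handler's ternary treats any value other than "passive" or "active" as the "full" case.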