burp_active_scan
Perform active vulnerability scanning on web applications using Burp Suite to identify security weaknesses for authorized penetration testing.
Instructions
Perform active vulnerability scan using Burp Suite
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| target | Yes | Target URL to scan | |
| scope | No | Additional URLs to include in scope (optional) | |
Implementation Reference
- The activeScan method implements the core logic for the 'burp_active_scan' tool: checks Burp status, sets scope, runs spider, starts active scan via Burp API, waits for completion, retrieves issues, and returns formatted results.

  ```typescript
  async activeScan(target: string, scope?: string[]): Promise<ScanResult> {
    try {
      console.error(`🔍 Starting Burp Suite active scan on ${target}`);

      // Check if Burp is running
      await this.checkBurpStatus();

      // Send target to scope if specified
      if (scope) {
        await this.setScope(scope);
      }

      // Start spider first
      const spiderResult = await this.spiderTarget(target);

      // Start active scan
      const scanResponse = await axios.post(`${this.apiBaseUrl}/v0.1/scan`, {
        urls: [target]
      });
      const scanId = scanResponse.data.task_id;
      console.error(`Scan started with ID: ${scanId}`);

      // Wait for scan completion or timeout
      const scanResult = await this.waitForScanCompletion(scanId, 1800000); // 30 min timeout

      // Get scan results
      const issues = await this.getScanIssues(scanId);

      return {
        target,
        timestamp: new Date().toISOString(),
        tool: 'burpsuite_active_scan',
        results: {
          scan_id: scanId,
          spider_results: spiderResult,
          scan_status: scanResult.status,
          issue_count: issues.length,
          issues: issues,
          severity_breakdown: this.categorizeBySeverity(issues)
        },
        status: 'success'
      };
    } catch (error) {
      return {
        target,
        timestamp: new Date().toISOString(),
        tool: 'burpsuite_active_scan',
        results: {},
        status: 'error',
        error: error instanceof Error ? error.message : String(error)
      };
    }
  }
  ```
- src/index.ts:429-442 (schema): Defines the input schema and metadata for the 'burp_active_scan' tool, including parameters 'target' (required) and 'scope' (optional array of URLs).

  ```typescript
  name: "burp_active_scan",
  description: "Perform active vulnerability scan using Burp Suite",
  inputSchema: {
    type: "object",
    properties: {
      target: {
        type: "string",
        description: "Target URL to scan"
      },
      scope: {
        type: "array",
        items: { type: "string" },
        description: "Additional URLs to include in scope (optional)"
      }
    },
    required: ["target"]
  }
  ```
- src/index.ts:598-600 (registration): Registers the tool handler in the MCP server by dispatching calls to the BurpSuiteIntegration.activeScan method.

  ```typescript
  case "burp_active_scan":
    return respond(await this.burpSuite.activeScan(args.target, args.scope));
  ```
- src/index.ts:64-64 (registration): Instantiates the BurpSuiteIntegration class instance used for Burp tools, including activeScan.

  ```typescript
  this.burpSuite = new BurpSuiteIntegration();
  ```
- Helper method to poll the Burp API for active scan completion status.

  ```typescript
  private async waitForScanCompletion(scanId: string, timeout: number): Promise<any> {
    const startTime = Date.now();
    while (Date.now() - startTime < timeout) {
      try {
        const response = await axios.get(`${this.apiBaseUrl}/v0.1/scan/${scanId}`);
        const status = response.data.status;
        if (status === 'finished' || status === 'failed') {
          return response.data;
        }
        console.error(`Scan ${scanId} status: ${status}`);
        await new Promise(resolve => setTimeout(resolve, 30000)); // Check every 30 seconds
      } catch (error) {
        console.error('Error checking scan status:', error);
        await new Promise(resolve => setTimeout(resolve, 30000));
      }
    }
    throw new Error('Scan timeout exceeded');
  }
  ```
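The polling helper above can only be exercised against a live Burp instance and signals a timeout by throwing. As an added example (not the project's code), the same loop is written with its status fetcher, sleep and clock injected, so the transient-error and timeout paths can be tested offline, and a timeout comes back as a structured outcome carrying the last known state. It assumes the same response shape the page's helper reads (a `status` field with terminal values `finished`/`failed`); `makeFakeDeps` is a constructed stand-in for the Burp API.

```typescript
// Added example, not project code. Endpoint shape (status field, terminal
// values 'finished'/'failed') is assumed from the page's helper.
export type ScanStatus = { status: string; [k: string]: unknown };
export type PollOutcome =
  | { kind: 'done'; data: ScanStatus }
  | { kind: 'timeout'; lastStatus?: string; polls: number };
export interface PollDeps {
  fetchStatus: (scanId: string) => Promise<ScanStatus>; // real impl: GET /v0.1/scan/{id}
  sleep: (ms: number) => Promise<void>;
  now: () => number;
  log?: (msg: string) => void;
}
const TERMINAL = new Set(['finished', 'failed']);

export async function pollScan(scanId: string, timeoutMs: number, deps: PollDeps,
                               intervalMs = 30_000): Promise<PollOutcome> {
  const log = deps.log ?? (() => undefined);
  const start = deps.now();
  let lastStatus: string | undefined;
  let polls = 0;
  while (deps.now() - start < timeoutMs) {
    polls++;
    try {
      const data = await deps.fetchStatus(scanId);
      lastStatus = data.status;
      if (TERMINAL.has(data.status)) return { kind: 'done', data };
      log(`scan ${scanId}: ${data.status}`);
    } catch (err) {
      // A transient API error (Burp restarting, network blip) must not abort the wait.
      log(`scan ${scanId}: status check failed: ${err instanceof Error ? err.message : String(err)}`);
    }
    await deps.sleep(intervalMs);
  }
  // Structured timeout instead of a thrown Error: the caller can report the last
  // known state and decide whether to cancel the still-running Burp task.
  return { kind: 'timeout', lastStatus, polls };
}

// Constructed fake Burp for offline use: serves the given statuses (or errors) in
// order and advances a virtual clock on sleep, so no real waiting happens.
export function makeFakeDeps(sequence: Array<string | Error>): PollDeps {
  let clock = 0;
  const queue = [...sequence];
  return {
    fetchStatus: async (id) => {
      const next = queue.shift() ?? new Error('no more responses');
      if (next instanceof Error) throw next;
      return { task_id: id, status: next };
    },
    sleep: async (ms) => { clock += ms; },
    now: () => clock,
  };
}
```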