burp_proxy_scan
Perform passive security scanning by proxying web traffic through Burp Suite to identify vulnerabilities during authorized penetration testing.
Instructions
Perform passive scan through Burp Suite proxy
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| target | Yes | Target URL to proxy through | |
| duration | No | Scan duration in seconds (default: 300) |
Implementation Reference
- The main handler function that executes the burp_proxy_scan tool logic. It checks Burp status, generates proxy traffic to the target, retrieves proxy history and passive scan issues.async proxyScan(target: string, duration: number = 300): Promise<ScanResult> { try { console.error(`🔍 Starting Burp Suite proxy scan on ${target} for ${duration} seconds`); // Check if Burp is running await this.checkBurpStatus(); // Configure proxy const proxyConfig = { http_proxy: `http://127.0.0.1:${this.config.proxy_port}`, https_proxy: `http://127.0.0.1:${this.config.proxy_port}` }; // Send some requests through proxy to generate traffic await this.generateProxyTraffic(target, duration); // Get proxy history const proxyHistory = await this.getProxyHistory(); // Get passive scan issues const issues = await this.getPassiveIssues(); return { target, timestamp: new Date().toISOString(), tool: 'burpsuite_proxy_scan', results: { proxy_config: proxyConfig, scan_duration: duration, requests_captured: proxyHistory.length, issue_count: issues.length, issues: issues, proxy_history: proxyHistory.slice(0, 50), // Limit output severity_breakdown: this.categorizeBySeverity(issues) }, status: 'success' }; } catch (error) { return { target, timestamp: new Date().toISOString(), tool: 'burpsuite_proxy_scan', results: {}, status: 'error', error: error instanceof Error ? error.message : String(error) }; } }
- src/index.ts:444-455 (schema)Input schema definition for the burp_proxy_scan tool, specifying target URL and optional duration.{ name: "burp_proxy_scan", description: "Perform passive scan through Burp Suite proxy", inputSchema: { type: "object", properties: { target: { type: "string", description: "Target URL to proxy through" }, duration: { type: "number", description: "Scan duration in seconds (default: 300)" } }, required: ["target"] } },
- src/index.ts:601-603 (registration)Tool registration in the switch statement of the CallToolRequestSchema handler, delegating to BurpSuiteIntegration.proxyScan method.case "burp_proxy_scan": return respond(await this.burpSuite.proxyScan(args.target, args.duration || 300));
- src/index.ts:444-455 (registration)Tool registration in the ListToolsRequestSchema response array.{ name: "burp_proxy_scan", description: "Perform passive scan through Burp Suite proxy", inputSchema: { type: "object", properties: { target: { type: "string", description: "Target URL to proxy through" }, duration: { type: "number", description: "Scan duration in seconds (default: 300)" } }, required: ["target"] } },
- Helper function to generate proxy traffic by sending curl requests through Burp proxy.private async generateProxyTraffic(target: string, duration: number): Promise<void> { // Use curl or similar tool to generate traffic through Burp proxy const proxyUrl = `http://127.0.0.1:${this.config.proxy_port}`; try { // Basic crawling through proxy const command = `curl -x ${proxyUrl} -k -s "${target}" > /dev/null`; await execAsync(command, { timeout: duration * 1000 }); } catch (error) { console.error('Error generating proxy traffic:', error); } }