Glama

burp_active_scan

Perform active vulnerability scanning on web applications using Burp Suite to identify security weaknesses for authorized penetration testing.

Instructions

Perform active vulnerability scan using Burp Suite

Input Schema

Name    Required  Description                                      Default
target  Yes       Target URL to scan                               -
scope   No        Additional URLs to include in scope (optional)   -

Implementation Reference

  • The activeScan method implements the core logic for the 'burp_active_scan' tool: checks Burp status, sets scope, runs spider, starts active scan via Burp API, waits for completion, retrieves issues, and returns formatted results.
    async activeScan(target: string, scope?: string[]): Promise<ScanResult> {
      try {
        console.error(`🔍 Starting Burp Suite active scan on ${target}`);

        // Check if Burp is running
        await this.checkBurpStatus();

        // Send target to scope if specified
        if (scope) {
          await this.setScope(scope);
        }

        // Start spider first
        const spiderResult = await this.spiderTarget(target);

        // Start active scan
        const scanResponse = await axios.post(`${this.apiBaseUrl}/v0.1/scan`, {
          urls: [target]
        });

        // Burp's REST API answers 201 with an empty body; the task id is carried in the
        // Location header (axios lower-cases header names). Fall back to a body field in
        // case a proxy in front of Burp rewrites the response.
        const location = String(scanResponse.headers?.location ?? '');
        const scanId = location.split('/').filter(Boolean).pop() ?? scanResponse.data?.task_id;
        if (!scanId) {
          throw new Error('Burp did not return a scan task id');
        }
        console.error(`Scan started with ID: ${scanId}`);

        // Wait for scan completion or timeout
        const scanResult = await this.waitForScanCompletion(scanId, 1800000); // 30 min timeout

        // Get scan results
        const issues = await this.getScanIssues(scanId);

        return {
          target,
          timestamp: new Date().toISOString(),
          tool: 'burpsuite_active_scan',
          results: {
            scan_id: scanId,
            spider_results: spiderResult,
            scan_status: scanResult.scan_status, // field name used by the Burp REST API
            issue_count: issues.length,
            issues: issues,
            severity_breakdown: this.categorizeBySeverity(issues)
          },
          status: 'success'
        };

      } catch (error) {
        return {
          target,
          timestamp: new Date().toISOString(),
          tool: 'burpsuite_active_scan',
          results: {},
          status: 'error',
          error: error instanceof Error ? error.message : String(error)
        };
      }
    }
  • Defines the input schema and metadata for the 'burp_active_scan' tool, including parameters 'target' (required) and 'scope' (optional array of URLs).
    name: "burp_active_scan",
    description: "Perform active vulnerability scan using Burp Suite",
    inputSchema: {
      type: "object",
      properties: {
        target: { type: "string", description: "Target URL to scan" },
        scope: { 
          type: "array", 
          items: { type: "string" },
          description: "Additional URLs to include in scope (optional)" 
        }
      },
      required: ["target"]
    }
  • src/index.ts:598-600 (registration)
    Registers the tool handler in the MCP server by dispatching calls to the BurpSuiteIntegration.activeScan method.
    case "burp_active_scan":
      return respond(await this.burpSuite.activeScan(args.target, args.scope));
  • src/index.ts:64-64 (registration)
    Instantiates the BurpSuiteIntegration instance used by the Burp tools, including activeScan.
    this.burpSuite = new BurpSuiteIntegration();
  • Helper method to poll Burp API for active scan completion status.
    private async waitForScanCompletion(scanId: string, timeout: number): Promise<any> {
      const startTime = Date.now();

      while (Date.now() - startTime < timeout) {
        try {
          const response = await axios.get(`${this.apiBaseUrl}/v0.1/scan/${scanId}`);
          // Burp reports progress in `scan_status`: initializing, crawling and auditing
          // while running; succeeded or failed once it stops. A paused scan will not
          // progress on its own, so stop polling for it as well instead of waiting
          // for the timeout.
          const status = response.data.scan_status;

          if (status === 'succeeded' || status === 'failed' || status === 'paused') {
            return response.data;
          }

          console.error(`Scan ${scanId} status: ${status}`);
          await new Promise(resolve => setTimeout(resolve, 30000)); // Check every 30 seconds
        } catch (error) {
          console.error('Error checking scan status:', error);
          await new Promise(resolve => setTimeout(resolve, 30000));
        }
      }

      throw new Error('Scan timeout exceeded');
    }
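The start-scan and polling steps above, as an added TypeScript example that is not part of the mcp-pentest project: it assumes the documented Burp Suite REST API shape (task id in the Location header of POST /v0.1/scan; scan_status and issue_events in GET /v0.1/scan/{task_id}) and injects the HTTP call and the sleep so the loop can be exercised offline.

```typescript
// Added example, not the mcp-pentest project's own code. Assumes the documented
// Burp REST API: POST /v0.1/scan -> 201 with the task id in the Location header;
// GET /v0.1/scan/{task_id} -> { scan_status, issue_events }.
export type IssueEvent = { issue: { severity: string } };
export type ScanState = { scan_status: string; issue_events?: IssueEvent[] };
export type Phase = "running" | "done" | "stopped";

// Accept either a bare numeric id or a path that ends in the id.
export function taskIdFromLocation(location: string | undefined): string {
  const id = (location ?? "").trim().split("/").filter(Boolean).pop();
  if (!id || !/^\d+$/.test(id)) throw new Error(`no task id in Location header: ${String(location)}`);
  return id;
}

// initializing/crawling/auditing mean the scan is still working; succeeded is the only
// completed state; failed and paused will not progress on their own, so stop on them too.
export function phaseOf(scanStatus: string): Phase {
  if (scanStatus === "succeeded") return "done";
  if (scanStatus === "failed" || scanStatus === "paused") return "stopped";
  return "running";
}

// Count issue events by severity so a caller can triage before reading details.
export function severityBreakdown(state: ScanState): Record<string, number> {
  const counts: Record<string, number> = { high: 0, medium: 0, low: 0, info: 0 };
  for (const ev of state.issue_events ?? []) {
    const sev = ev.issue.severity.toLowerCase();
    counts[sev] = (counts[sev] ?? 0) + 1;
  }
  return counts;
}

// Poll until the scan leaves the running phase or the deadline passes. fetchState and
// sleep are injected so the loop can be driven by a fake client in tests.
export async function waitForScan(
  fetchState: (taskId: string) => Promise<ScanState>, taskId: string, timeoutMs: number,
  intervalMs = 30_000, sleep = (ms: number) => new Promise<void>((r) => setTimeout(r, ms)),
): Promise<ScanState> {
  const deadline = Date.now() + timeoutMs;
  while (Date.now() < deadline) {
    const state = await fetchState(taskId);
    if (phaseOf(state.scan_status) !== "running") return state;
    await sleep(intervalMs);
  }
  throw new Error(`scan ${taskId} exceeded ${timeoutMs} ms`);
}
```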
Behavior 2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It mentions 'active vulnerability scan', implying it's a read/write operation that interacts with the target, but doesn't specify details like potential impact (e.g., intrusive testing, rate limits, authentication needs, or what 'active' entails beyond scanning). This leaves significant gaps for an agent to understand the tool's behavior.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness 5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that directly states the tool's purpose without any unnecessary words. It's front-loaded with the key action and tool, making it easy to parse quickly. Every part of the sentence contributes essential information, earning its place.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness 2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity of an active vulnerability scanning tool with no annotations and no output schema, the description is insufficient. It doesn't cover behavioral aspects like what the scan does, potential risks, output format, or how it differs from other scanning tools. For a tool that likely involves intrusive testing, more context is needed to ensure safe and effective use by an agent.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters 3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The schema description coverage is 100%, so the input schema already fully documents the 'target' and 'scope' parameters. The description adds no additional meaning beyond what's in the schema (e.g., it doesn't explain parameter formats, constraints, or examples). This meets the baseline score of 3, as the schema handles the parameter documentation adequately.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose 4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the action ('Perform active vulnerability scan') and the tool used ('using Burp Suite'), which is specific and unambiguous. However, it doesn't distinguish this tool from sibling tools like 'burp_proxy_scan' or 'nikto_scan', which might also perform vulnerability scanning, so it doesn't fully differentiate from alternatives.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines 2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives like 'burp_proxy_scan', 'nmap_scan', or other scanning tools in the sibling list. It lacks context about prerequisites, such as needing Burp Suite running or specific target types, and doesn't mention exclusions or complementary tools.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/adriyansyah-mf/mcp-pentest'