REST/JSON interface to Burp Suite
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
src API mods May 8, 2013 Update Sep 9, 2012
blank.burp.state Changed JSON data format to be a bit more logical Mar 12, 2012
burp.config Regex searching through results Apr 21, 2012
license.txt initial commit Feb 27, 2012 Single threaded model working Apr 22, 2012
pom.xml API mods May 8, 2013


A REST/JSON API to the Burp Suite security tool.



Install Burp Suite pro into the local maven repo:

mvn install:install-file -Dfile=burpsuite-pro.jar -DgroupId=net.portswigger -DartifactId=burpsuite-pro -Dversion=1.4.04 -Dpackaging=jar

Then compile resty-burp:

cd ..
mvn compile
mvn install -DskipTests


The URL to access the web service can be edited in the file, by default it's http://localhost:8181 with the WADL available from http://localhost:8181/application.wadl

Everytime the reset() method is called, the burp.blank.state state is loaded- so if you'd like to make changes to Burp's state, save the state to this file.


Before running for the first time, compile with:

mvn exec:java


It ships with a client written in Java which can be used from other Java programs. For example:

	public void scan(String url) {
		BurpClient burp = new BurpClient("http://localhost:8181/");
		try {
			int scanId = burp.scan(url);
			while (burp.percentComplete(scanId) < 100) {
		} catch (Exception e) {