Please note that this initial release only supports scanning of a fairly limited range of REST APIs. You can find this option under "Miscellaneous". If you prefer, you can disable API scanning by deselecting the "Parse API definitions" crawl option in your scan configuration. Based on the endpoints that it discovers, Burp Scanner is then able to derive new locations to crawl and audit. You can also explicitly provide the URL of an API definition when launching a scan. By default, the crawler attempts to parse any API definitions that it encounters to identify potential endpoints, along with their supported methods and parameters.

API scanning

Burp Scanner is now able to scan both JSON and YAML-based APIs for vulnerabilities. Alternatively, you can manually select one or more characters in a message to work with them in the inspector panel.

For more information about using the inspector, please refer to the documentation.

You perform some of these actions by drilling down into items that were automatically identified by the inspector. Inject non-printing characters by modifying the code point of a character. The inspector automatically reapplies the necessary encodings as you type so that you can inject your modified value into the request with a single click or key press.

Work with encoded data more easily by editing it in its decoded form. The inspector automatically applies the appropriate sequence of transformations to decode headers, parameters, cookies, and any encoded text that you manually select in a message. Instantly decode HTML, URL, and Base64-encoded values.

You can also add new ones to the request.