search
Ctrlk

🟠Pynt with Burp Suite

Enhance Burp Suite with Pynt for advanced API security testing. Integrate Pynt to automate and extend your security testing capabilities within Burp Suite.

hashtag
What is Burp Suite?

circle-info

πŸ’‘ Burp Suitearrow-up-right is a leading web vulnerability scanner used by security professionals for penetration testing of web applications. It provides tools for scanning, testing, and analyzing vulnerabilities, and supports both manual and automated security testing workflows. Burp Suite is widely used for identifying issues such as injection flaws, authentication vulnerabilities, and other security concerns in web applications.

Burp Suite

hashtag
Pynt's integration with Burp Suite

As part of its API security testing, Pynt allows seamless integration with Burp.

Integrating Pynt with Burp Suite enhances your API security testing by adding automated context-aware security scans to your testing process. With Pynt, you can automate vulnerability assessments within Burp Suite, ensuring that your APIs are continuously monitored and protected against emerging threats. Pynt's integration with Burp Suite provides detailed security reports, helping you quickly identify and address critical vulnerabilities in your APIs. This powerful combination of tools enables you to maintain a secure and resilient API environment, streamline your testing workflow, and deliver secure applications with confidence.

hashtag
Use Pynt listen as an upstream proxy of Burp

Run pynt listen and set it to capture the domains of the traffic that you want Pynt to scan:

pynt listen --captured-domains <domains>

hashtag
Setting Upstream Proxy in Burp Suite

To configure Burp Suite to use an upstream proxy, follow these steps:

  1. Open Burp Suite and navigate to the Proxy tab.

  2. Click on the Options sub-tab.

  3. Scroll down to the Upstream Proxy Servers section.

  4. Click on the Add button.

  5. In the dialog that appears, enter the details of the upstream proxy:

    • Destination host: Leave this as * to apply to all destinations, or specify specific hosts.

    • Proxy host: Enter the IP address of Pynt listen 127.0.0.1

    • Proxy port: Enter the port number of Pynt listen 6666

  6. Click OK to save your upstream proxy configuration.

Now, Burp Suite will route all external traffic through Pynt proxy. Hit enter to trigger Pynt scan.

circle-info

πŸ’‘ Pynt CLI Troubleshooting: If you're encountering issues with Pynt's CLI, visit the Pynt CLI Troubleshooting Guidearrow-up-right for solutions and troubleshooting tips.

circle-info

πŸ’‘ Still Need Help? For any questions or troubleshooting, reach out to the Pynt Community Supportarrow-up-right.

PreviousPynt for Bitbucket pipelinesNextPynt with Browsers

Last updated