MCP.so
登录

Burpsuite MCP Server

@MCP-Mirror

关于 Burpsuite MCP Server

Mirror of

基本信息

分类

其他

许可证

MIT license

运行时

node

传输方式

stdio

发布者

MCP-Mirror

配置

暂无标准配置

该服务器的 README 中没有可解析的 MCP 配置块,请前往代码仓库查看安装说明。

代码仓库

工具

5

`target`: Target URL to scan (e.g., https://example.com)

`scan_id`: ID of the scan to check

`scan_id`: ID of the scan

`host`: Filter by host (optional)

`host`: Filter by host (optional)

概览

What is Burpsuite MCP Server?

A Model Context Protocol (MCP) server that provides an interface for AI assistants to interact with Burpsuite Professional for web security testing and vulnerability scanning. It offers tools to start scans, check status, retrieve issues, view proxy history, and access the site map.

How to use Burpsuite MCP Server?

Install the server by running npm install and npm run build. Then add it to your MCP settings configuration file as a node command pointing to the built index.js. Once configured, an AI assistant can invoke its tools (e.g., start_scan, get_scan_status) to perform security testing tasks.

Key features of Burpsuite MCP Server

  • Start vulnerability scans (passive, active, or full) on a target URL
  • Check the status and retrieve issues of a running scan
  • Filter scan issues by severity level (high, medium, low, info, all)
  • Access HTTP/HTTPS traffic captured by Burp Proxy with optional filters
  • View site structure discovered during scanning and browsing

Use cases of Burpsuite MCP Server

  • AI-driven vulnerability scanning of web applications
  • Automated retrieval and analysis of proxy traffic from Burp Suite
  • Continuous monitoring of scan progress and results
  • Querying discovered site structure for security assessment
  • Integrating Burpsuite capabilities into larger security automation workflows

FAQ from Burpsuite MCP Server

What tools does the server expose?

The server provides five tools: start_scan, get_scan_status, get_scan_issues, get_proxy_history, and get_site_map. Each has configurable parameters for targeting and filtering.

How do I install and configure the server?

Build the project with npm install && npm run build, then add a configuration entry to your MCP settings file with the command node and the path to build/index.js.

Does the server currently connect to a real Burpsuite instance?

No, the current release provides mock functionality. Future enhancements will enable connection to a real Burpsuite Professional instance via its REST API with authentication.

What resources are available via the MCP server?

Resources include scan results at burpsuite://scan/{scanId}, issue details at burpsuite://scan/{scanId}/issue/{issueId}, proxy history at burpsuite://proxy/history and individual items, and the site map at burpsuite://sitemap.

Can I filter proxy history or scan issues?

Yes. get_proxy_history accepts optional filters for host, HTTP method, status code, and a limit. get_scan_issues allows filtering by severity (high, medium, low, info, or all).

评论

其他 分类下的更多 MCP 服务器