PortSwigger GraphQL
PortSwigger exposes a native GraphQL API for Burp Suite DAST (Dynamic Application Security Testing). This is the recommended integration path for all new Burp Suite DAST integrations, providing the broadest feature surface including site management, scan orchestration, vulnerability retrieval, agent configuration, and report generation.
Overview
PortSwigger GraphQL is a GraphQL API specification published by PortSwigger on the APIs.io network.
PortSwigger exposes a native GraphQL API for Burp Suite DAST (Dynamic Application Security Testing). This is the recommended integration path for all new Burp Suite DAST integrations, providing the broadest feature surface including site management, scan orchestration, vulnerability retrieval, agent configuration, and report generation.
The GraphQL endpoint is available at https://your-server/graphql/v1. documentation is published at https://portswigger.net/burp/documentation/dast/user-guide/api-documentation/graphql-api.
The specification includes 1 reference link.
Tagged areas include Security, Web Security, Penetration Testing, DAST, and API Security.
Endpoint
References
- GraphQL injection Labs are available at https://portswigger.net/web-security/graphql