Skip to content

Burp XML results

You can generate Burp XML output from your Burp suite test.

Learn by example

Check out our example Burp suite repository.

Example file

Download our example file here: example-burp-xml.xml

Host

  • version: Checks is the version is between 2.0.0 and 2.2.0, if that is not the case a warning is given in the import details.
  • host: Stored as container classification.
  • hostname: Stored as container title.
  • issue types: We go through all elements, in case the element is 'issue type', we will create a sub-container for it.

Issue type

  • path ignored.
  • serialNumber ignored.
  • type ignored.
  • title: Combination of the severity and name used as name of the container.
  • classification: Used to specify the type of element (Issue type).
  • description: The results that are stored in this container.

Results

  • issueBackground: Displayed in the exception description.
  • remediationBackground: Displayed in the exception description.
  • references: A link displayed in the exception description under "more information".
  • vulnerabilityClassifications: A link displayed in the exception description under "more information".
  • issueDetail: ignored.
  • confidenceignored.
  • requestresponse: Displayed in the json_data
  • severity: Used to determine the severity of the result and are given the following status:
    • high -> failed
    • medium -> failed
    • low -> broken
    • informational -> unknown