27Tem
Can Burp detect new REST APIs exposed on a server
I am trying to write an automated test that runs on all exposed APIs on a server and checks each endpoint for vulnerabilities.
The problem is the server I am testing always has new APIs exposed, so I want my test to automatically detect new APIs exposed and then run the scan on them. Is that feasible?
I found this link from burp. It says that
API scanning works in a similar way to web page scanning, but instead of crawling for web content Burp Scanner crawls for exposed API endpoints
Does that mean Burp can do what I am looking for? Scanning a server and detecting the exposed REST APIs?