Object

AuditItem

An item that represents a distinct location on the website that needs to be audited. Multiple audit items can be identified for the same URL. There are various factors that determine whether multiple audit items are created. For example, there could be a separate audit item for each combination of insertion points, parameters, and headers in the request. Alternatively, separate audit items might be created based on the state of the application at the time when the request was sent, or the path that the crawler took through the application to arrive at this location.

Fields

id(): ID!
The unique identifier of the audit item.
host(): String!
The hostname of the URL where the audit item was found.
path(): String!
The URL path where the audit item was found.
method(): String
The HTTP method of the audit item.
error_types(): [ErrorType!]
A list of errors that occurred when auditing this item.
issue_counts(): IssueCounts!
The number of issues found, sorted by their severity level.
number_of_requests(): Int!
The number of requests sent to an audit item during the auditing phase.
number_of_errors(): Int!
The number of errors that occurred when auditing this item.
number_of_insertion_points(): Int!
The number of insertion points identified for this audit item. An insertion point represents a piece of data in a request that might be specifically processed server-side. These can be parameter values, HTTP headers, cookie values, and so on. In the case of requests containing XML or JSON data, the entire body could even be an insertion point. Burp Scanner automatically identifies insertion points and injects payloads into them to probe for vulnerable behavior.
issue_type_groups(severities: [Severity], confidences: [Confidence], novelties: [Novelty], accepted_risks: [Boolean]): [IssueTypeGroup!]
A list of issues that were found for this audit item, grouped by their issue type.

Example

Query
query GetAuditItem ($scanId: ID!, $auditItemId: ID!) {
  scan(id: $scanId) {
    audit_item(id: $auditItemId) {
      id
      host
      path
      number_of_requests
      number_of_errors
      number_of_insertion_points
      error_types
      issue_counts {
        total
        high {
          total
          certain
          firm
          tentative
        }
        medium {
          total
          certain
          firm
          tentative
        }
        low {
          total
          certain
          firm
          tentative
        }
        info {
          total
          certain
          firm
          tentative
        }
      }
      issue_type_groups
      {
          issue_type {
            type_index
            name
          }
          confidence
          severity
          number_of_children
          first_child_serial_number
          novelty
          jira_ticket_count
          trello_card_count
      }    
}  
}
}
Variables
{
  "scanId": "2",
  "auditItemId": "4"
}
Result
{
  "data": {
    "scan": {
      "audit_item": {
        "id": "4",
        "host": null,
        "path": null,
        "number_of_requests": null,
        "number_of_errors": null,
        "number_of_insertion_points": null,
        "error_types": [

        ],
        "issue_counts": {
          "total": null,
          "high": {
            "total": null,
            "certain": null,
            "firm": null,
            "tentative": null
          },
          "medium": {
            "total": null,
            "certain": null,
            "firm": null,
            "tentative": null
          },
          "low": {
            "total": null,
            "certain": null,
            "firm": null,
            "tentative": null
          },
          "info": {
            "total": null,
            "certain": null,
            "firm": null,
            "tentative": null
          }
        },
        "issue_type_groups": [
          {
            "issue_type": {
              "type_index": null,
              "name": null
            },
            "confidence": null,
            "severity": null,
            "number_of_children": null,
            "first_child_serial_number": null,
            "novelty": null,
            "jira_ticket_count": null,
            "trello_card_count": null
          }
        ]
      }
    }
  }
}