I have been trying to configure a bunch of GET and POST requests in Qualys. Here are the steps I have followed -
- Configured Postman to use BURP proxy. Used Postman to run the APIs that I want to test and intercepted them using the BURP proxy.
- From the BURP "HTTP History" tab, I selected the requests and saved as a .xml file. For testing, I chose 2 GET requests and POST requests.
- Uploaded this file in the web application configuration. I see "4" as the number of items.
- Performed a discovery scan and I notice that only the GET requests are getting crawled but not the POST. Here are the information gathered -
Requests Crawled -
Links Crawled -
Here's a screenshot of the BURP history tab -
Is there any reason why I am not seeing the POST requests?
Thanks and any help appreciated.