This section explains how to customize web application scans to meet your specific testing requirements. You can customize the following aspects of your scan: The scan scope and configuration.
Mixed Encodings: each segment of the IP address can be presented in different formats: hexadecimal, decimal, or octal. To keep our tool efficient, we don’t generate all possible combinations. Instead, ...
Header Guardian is a Burp Suite extension designed to enhance the security of web applications by identifying missing, misconfigured, and unnecessary HTTP security headers. Properly configured ...
The Nmap Scanner Burp Suite Extension integrates Nmap's powerful network scanning capabilities directly into the Burp Suite interface. This extension provides an easy-to-use graphical interface for ...
If you or your teams use Splunk for your Security Information and Event Management (SIEM), you may like to integrate this with Burp Suite Enterprise Edition. Once configured, this enables you to ...
Manage your security, your way. Managing a complex, enterprise-level web estate requires robust compliance, streamlined management of audits, and visibility of your security coverage. In other words - ...
This release gives you better visibility of the crawl paths found by Burp Scanner, introduces support for sharing issues with Splunk, and enables you to use custom extensions, BChecks, and BApps with ...
The Insertion points panel in the Audit items tab contains a list of all the insertion points for a request. This enables you to better understand how much attack surface Burp Scanner covers. Nested ...
This release introduces a combined scan launcher for web app and API-only scans, the ability to customize which headers appear in the message editor, support for SOAP authentication, and several ...
This extension provides advanced capabilities and automation for finding and exploiting Client-Side Path Traversal. This extension is a Burp Suite Passive Scanner. It reads your proxy history and ...
You can set the type of payload that you want to inject into the base request. Burp Intruder provides a range of options for auto-generating different types of ...
If you need to use an external browser with Burp instead of Burp's preconfigured Chromium browser, perform the following configuration steps. For the vast majority of users, this process is not ...