Burp Suite User Forum

Create new post

Additional Scanner Checks - Does it report HTTP 404 & 403 pages?

Jeffrey | Last updated: Feb 03, 2020 03:59PM UTC

Hi, I am wondering if the Burp Extension - Additional Scanner Checks reports missing HTTP headers for HTTP 404 & 403 pages?

Hannah, PortSwigger Agent | Last updated: Feb 03, 2020 04:02PM UTC

All extensions on Burp Suite have their code publicly available on GitHub. You can find Additional Scanner Checks code here: https://github.com/PortSwigger/additional-scanner-checks It appears that the extension can detect if it's been redirected from HTTP to HTTPS.

Burp User | Last updated: Feb 04, 2020 03:11PM UTC

I'm looking at the GitHub and I actually don't see it explicit saying that it detects missing HTTP Headers for other HTTP Response codes like HTTP 403 or HTTP 404 error pages.

Burp User | Last updated: Feb 04, 2020 04:08PM UTC

For my applications that I'm scanning specifically, I do not see my sitemap populating with any requests that includes HTTP 404 error or HTTP 403. I am wondering why that is happening? The sitemap should show the missing HTTP headers on all responses.

Burp User | Last updated: Feb 04, 2020 06:03PM UTC

I have resolved my issue, please close out this thread. Thank you.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.