Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Additional Scanner Checks - Does it report HTTP 404 & 403 pages?

Jeffrey | Last updated: Feb 03, 2020 03:59PM UTC

Hi, I am wondering if the Burp Extension - Additional Scanner Checks reports missing HTTP headers for HTTP 404 & 403 pages?

Hannah, PortSwigger Agent | Last updated: Feb 03, 2020 04:02PM UTC

All extensions on Burp Suite have their code publicly available on GitHub. You can find Additional Scanner Checks code here: https://github.com/PortSwigger/additional-scanner-checks It appears that the extension can detect if it's been redirected from HTTP to HTTPS.

Burp User | Last updated: Feb 04, 2020 03:11PM UTC

I'm looking at the GitHub and I actually don't see it explicit saying that it detects missing HTTP Headers for other HTTP Response codes like HTTP 403 or HTTP 404 error pages.

Burp User | Last updated: Feb 04, 2020 04:08PM UTC

For my applications that I'm scanning specifically, I do not see my sitemap populating with any requests that includes HTTP 404 error or HTTP 403. I am wondering why that is happening? The sitemap should show the missing HTTP headers on all responses.

Burp User | Last updated: Feb 04, 2020 06:03PM UTC