Burp Suite User Forum


Additional step for scanner options when launching active scanner.

Claudio | Last updated: Mar 06, 2015 10:59AM UTC

It would be awesome to have an additional step when launching an active scan, for configuring which parameters we want to scan without having to mess with the general config. For example: let's say that for this scan I only want to test MySQL SQL injections in URL parameters, or only want to test for XSS in body parameters.

PortSwigger Agent | Last updated: Mar 09, 2015 10:55AM UTC

Thanks for this request. We do plan to support per-item configuration in future, so you'll be able to configure specific insertion points or scan checks for specific items that are sent for scanning. We can't currently provide an ETA for this feature, sorry.

Burp User | Last updated: Mar 11, 2015 03:49PM UTC

Is this still planned?

PortSwigger Agent | Last updated: Mar 12, 2015 08:59AM UTC

Yes, our plans haven't changed in the last 3 days!

Burp User | Last updated: Mar 13, 2015 02:21PM UTC

Thanks for the feedback, Dafydd.

Burp User | Last updated: Mar 30, 2015 03:29PM UTC

You may already know this, OP, but you can do this on a per-request basis. Just send your request(s) to Intruder and mark which parameters you want to actively scan, then right-click the request and select 'Actively scan your defined insertion points' from the context menu. Obviously this only handles one request at a time, which may be tedious, especially when you want to actively scan an entire application, but I find it works really well to avoid useless/duplicate active scan requests, and it allows me as a tester to use my own knowledge of the application to determine the best active scanning configuration.

Burp User | Last updated: Sep 14, 2015 11:48AM UTC

The problem with using Intruder is that you still have no control over what kind of tests are run against the marked parameters. The OP wants to test certain parameters only for XSS or SQL injection. The Scanner options can be customized, but the effect is global.
