Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp Pro scan on OWASP Benchmark

Dominik | Last updated: Dec 16, 2023 11:01AM UTC

Hello, I'm beginner trying to scan OWASP Benchmark with Burp Professional. My problem is that when I use audit scan on target - Insecure Cookie category - only few first issues are found and reported. I know that Burp can find more of them because if I start scanning in reverse order I got different issues and these found previously arent reported. It works the same with manual scan in burp browser - I'm clicking test cases from start to bottom of the page and in reverse after restarting burp and get different results. I read about burp consolidation, but I'm not sure if that's the case and also turning it off for scan did nothing (consolidate frequently occurring passive issues option).

Ben, PortSwigger Agent | Last updated: Dec 18, 2023 11:22AM UTC

Hi Dominik, Are you able to email us at support@portswigger.net and include some further details of what you have configured and some further details of what you are seeing (some screenshots would be ideal) so that we can better understand what you are describing?

Dominik | Last updated: Dec 18, 2023 11:34AM UTC

Thank you for reply. I'll send details.

Dominik | Last updated: Dec 18, 2023 11:37AM UTC

If that's not problem I'll use mail not connected to my account.

Ben, PortSwigger Agent | Last updated: Dec 18, 2023 12:14PM UTC

Hi Dominik, That is fine - we look forward to hearing from you in due course.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.