The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Burp Suite Enterprise cannot do authenticated scans

Ivan | Last updated: Jun 24, 2021 07:03AM UTC

Hello Burp, I hope i find you in good health. I would like to present to you a few problems that we encountered while working with Burp Enterprise. In the Web application scan configuration, we use in most cases crawling with authentication. We have noticed that the use of basic Login Credentials Authentication is not working properly. In fact is not working at all. Also the second setting for record authentication is not working as well. We came to this conclusion from the fact that in one scan it's finish super fast, for no reason. We also have a case of a failed scans and scan log reports multiple failed login attempts. We can be sure that the application does not authenticate, we notice even after a few hours of scanning that the scanned URLs do not include the internal URLs of the application. We Insert the URLs manually and the result is the same. We can provide you with screenshots of the configurations we have to guide us where the problem might be. Thanks in advance. Looking forward to your reply.

Maia, PortSwigger Agent | Last updated: Jun 24, 2021 02:46PM UTC