Burp Suite User Forum

BurpSuite coverage for OWASP Top 10 2019

Madireddy, | Last updated: May 13, 2021 07:05AM UTC

Hello Team, Can you please let me know where I can find the information for OWASP Top 10 2019 vulnerabilities which Burp Suite covers. I found the link for OWASP Top 10 2017 "https://portswigger.net/support/using-burp-to-test-for-the-owasp-top-ten" but wasn't able to find one for OWASP Top 10 2019. Please help me with the URL which contains OWASP Top 10 coverage for BurpSuite. Regards, Supraja.M

Uthman, PortSwigger Agent | Last updated: May 13, 2021 08:54AM UTC

Hi Supraja, We are in the process of removing the old link and updating it with a new one. This is a longer-term goal for our content team so I cannot provide an ETA on when it will be updated. For now, I would recommend using a combination of both manual (manual tools in Burp) and automated (the scanner) techniques to investigate the issues in the latest OWASP top 10.

Madireddy, | Last updated: May 13, 2021 12:13PM UTC

Hello, In that case, can you at least please let me know how many OWASP rules Burp Suite covers out of the Top 10. Regards, Supraja.M

Uthman, PortSwigger Agent | Last updated: May 13, 2021 12:45PM UTC

Hi Supraja, You can find all the issues the scanner can detect here: https://portswigger.net/kb/issues

You can match these to some issues in the OWASP top 10, e.g. SQL injection, XSS, etc.

Madireddy, | Last updated: May 13, 2021 01:27PM UTC

Hello, Yeah, I know this link. Those are the sub-vulnerabilities/issues reported by Burp. But I require the definite number of rules, e.g. A1, A2, etc., which Burp Suite covers from the list of OWASP Top 10 A1 to A10. Please provide me the requested info. Regards, Supraja.M

Uthman, PortSwigger Agent | Last updated: May 13, 2021 01:42PM UTC

Hi Supraja, We do not have an exact mapping, unfortunately. You will likely need to wait until an updated article is released by one of our writers or map the issues yourself to the issue definitions linked previously.
