Burp Suite User Forum

Filter Bypass Scanner Options

Tobias | Last updated: Mar 13, 2016 01:23AM UTC

Filter bypass options for the scanner would be useful. Just from a SQLi perspective, it would be great if I could have radio buttons that could enable SQLmap tamper script style payload modification options such as spacetocomment, equaltolike, between, etc, etc...

Burp User | Last updated: Mar 13, 2016 01:27AM UTC

Wait - I meant checkboxes - not radio buttons.

PortSwigger Agent | Last updated: Mar 14, 2016 09:28AM UTC

Thanks for this feedback. Burp already does use various techniques to bypass some common filters for various vulnerability types. Any additional ones would probably need to be used only in Burp Scanner's "thorough" mode where more payloads are used. If you have examples of some specific techniques that you think Burp ought to use but doesn't, then please pass these on.