Burp Suite User Forum

Hide false positives

Andrej | Last updated: Sep 22, 2017 11:00AM UTC

Could there be a possibility to hide Issues which were flagged as false positives? Currently in the Site Map -> issues, there can be a very large amount of issues marked as false positive; and if a new one of that category is discovered, the issue type is put back on top of the list [depending on severity of course]; with the same number + 1. Use case - since I work on testing environments with different configuration; there are certain issue types taken as false positives by default [can have ~500 issues inside]; when I flag all false positives and a new issue of the same type is discovered, I can see it again with ~501, where only a single item is shown as non-false positive.

PortSwigger Agent | Last updated: Sep 22, 2017 02:06PM UTC

Thanks for your inquiry. Regarding hiding false positives, it is already possible to filter false positives from generated reports. The desktop UI is generally used by advanced users, who can simply ignore the false positives. If they were hidden there is some potential for confusion. We don't think this would be a useful feature for desktop Burp. Regarding bulk marking issues as false positives, we're working on a feature that will let you do this. We will provide more fine-grained control over what checks are run, so you can disable a check that is causing excessive false positives. I've linked your case to the development story; we'll let you know when there's progress.

Burp User | Last updated: May 31, 2018 05:56PM UTC

Hi - has this feature been released? Also, will it survive subsequent tests? I.e. if I mark a test as false in 1 test, and rerun that test against the same resource again, will it resurface that as a new vulnerability or will it continue to be marked as a false positive? Thanks

PortSwigger Agent | Last updated: Jun 01, 2018 08:57AM UTC

Hi Ben, Thanks for following up. The feature hasn't been released yet. We do intend that it will persist between retests, although we haven't fully worked out the details.

Burp User | Last updated: Jul 17, 2019 12:28AM UTC

I have a similar request. I am also aware of the fact that we can flag vulnerabilities as false positives. However, when you go to create a report using the batch scan report generator it would be extremely nice to have an extra column in the summary section that would give the false positive count instead of having to click on each vulnerability to find out that it's a false positive.

Liam, PortSwigger Agent | Last updated: Jul 18, 2019 07:21AM UTC

Thanks for the additional feedback Bryan.
