Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

How does Burp Suite Enterprise choose when two configuration files conflict?

Andrew | Last updated: Nov 09, 2022 07:28AM UTC

Hi, Team: We can upload more than two configuration files for a site in Burp Suite Enterprise (Settings > Configuration). but how does Burp Suite Enterprise choose when two configuration files conflict? The A configuration uses a private Collaborator Server, which is exported from Burp Suite Professional; the B configuration uses default configuration "Audit checks - medium active", which modified "Connections > Upstream Proxy Servers". For example, will Burp Suite Enterprise uses the private Collaborator Server server or the default Collaborator Server server when scanning the site? Thanks!

Alex, PortSwigger Agent | Last updated: Nov 09, 2022 07:50AM UTC

Hi Andrew, Thanks for your post. When applying multiple scan configurations, they are applied in the order that they are "Stacked". This means that any options specified for a particular setting take precedence over equivalent settings for configurations higher in the list. You can find more detail, along with an example here: https://portswigger.net/burp/documentation/enterprise/reference/scan-config-details#:~:text=Modular%20scan%20configurations Best regards,

Andrew | Last updated: Nov 09, 2022 08:45AM UTC

Hi Alex, Which Collaborator Server will Burp Suite Enterprise use when scanning with two configuration files, private Collaborator Server or default Collaborator Server? And what vulnerability types are detected in relation to the Collabrator Server? like the scanning effect will be better if there is a collabrator server. Thanks!

Alex, PortSwigger Agent | Last updated: Nov 09, 2022 10:19AM UTC