Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Is there a way of setting a maximum time for a scan to take?

William | Last updated: Dec 18, 2020 01:31PM UTC

I have a few scans that I cancel after a number of hours just because the number of requests have not increased and the number of issues reported have not gone up. What I would like to do is check for this condition and if it happens cancel the scan since it appears to be done. I would also like to have the scan marked as "complete" in this case. Is that possible?

Uthman, PortSwigger Agent | Last updated: Dec 18, 2020 02:27PM UTC

Hi William, Is your question in relation to Burp Enterprise?

William | Last updated: Dec 18, 2020 02:28PM UTC

Yes, sorry, it is dealing with Burp Suite Enterprise.

Uthman, PortSwigger Agent | Last updated: Dec 18, 2020 02:37PM UTC

Thanks. There could be a deeper issue here, so we would recommend sending us an email on support@portswigger.net. There is currently no way to set a maximum time on the scan overall. You can set a crawl limit in your scan configuration but the audit will not stop until it is complete. If you cancel a scan then it is, unfortunately, going to continue to be marked as 'Failed' and there is no way to adjust this. You could use the GraphQL API to set up a script that checks whether or not a scan is complete after X minutes and then cancel it. Please take a look at the documentation below: - https://portswigger.net/burp/extensibility/enterprise/graphql-api/ Does the same scan work in Burp Professional? If so, are you using the same scanner version in both products?

William | Last updated: Dec 18, 2020 03:13PM UTC