Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Is there a way of setting a maximum time for a scan to take?

William | Last updated: Dec 18, 2020 01:31PM UTC

I have a few scans that I cancel after a number of hours just because the number of requests have not increased and the number of issues reported have not gone up. What I would like to do is check for this condition and if it happens cancel the scan since it appears to be done. I would also like to have the scan marked as "complete" in this case. Is that possible?

Uthman, PortSwigger Agent | Last updated: Dec 18, 2020 02:27PM UTC

Hi William, Is your question in relation to Burp Enterprise?

William | Last updated: Dec 18, 2020 02:28PM UTC

Yes, sorry, it is dealing with Burp Suite Enterprise.

Uthman, PortSwigger Agent | Last updated: Dec 18, 2020 02:37PM UTC

Thanks. There could be a deeper issue here, so we would recommend sending us an email on support@portswigger.net. There is currently no way to set a maximum time on the scan overall. You can set a crawl limit in your scan configuration but the audit will not stop until it is complete. If you cancel a scan then it is, unfortunately, going to continue to be marked as 'Failed' and there is no way to adjust this. You could use the GraphQL API to set up a script that checks whether or not a scan is complete after X minutes and then cancel it. Please take a look at the documentation below: - https://portswigger.net/burp/extensibility/enterprise/graphql-api/ Does the same scan work in Burp Professional? If so, are you using the same scanner version in both products?

William | Last updated: Dec 18, 2020 03:13PM UTC

OK, I was thinking of have a program that uses GraphQL to check running scans and cancel them if they do not complete in time, so that will work. As long as I can get the report out of the scan, I should be fine. I will just have to explain to the staff that a cancel is not a bad thing just that we have to do it sometimes to have it finish. Thanks

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.