Burp Suite User Forum


scan configuration

tsukiazuma | Last updated: Apr 25, 2023 07:34AM UTC

I have some questions about the 4 scan configuration modes: Lightweight, Fast, Balanced, Deep:
- How are those 4 modes different (except for the time issue)? Example: Deep uses XSS, but the other 3 modes do not, etc.
- How should I choose the scan mode?

Ben, PortSwigger Agent | Last updated: Apr 26, 2023 06:30AM UTC

Hi,

The primary difference in these scanning configurations is the amount of time the scans can potentially run for (the 'Lightweight' configuration, for example, caps the scan at a maximum of 15 minutes duration). There are some details on this on the following pages:

https://portswigger.net/burp/documentation/scanner/scan-configurations/preset-scan-modes
https://portswigger.net/burp/documentation/scanner/scan-configurations/burp-scanner-built-in-configs

Generally speaking, running a balanced scan is normally a good option to pursue, at least in the first instance, in order to strike a balance between coverage and speed.

tsukiazuma | Last updated: Apr 26, 2023 07:45AM UTC

I mean, is it possible to rely on other criteria to distinguish those 4 scan modes, such as attack modules?

Ben, PortSwigger Agent | Last updated: Apr 26, 2023 08:58AM UTC

Hi,

All of the pre-built configurations are set up to check for all possible vulnerability types during the audit phase of the scan. Which product are you using, Burp Professional or Burp Enterprise?

tsukiazuma | Last updated: Apr 26, 2023 09:49AM UTC

I am using Burp Professional.

tsukiazuma | Last updated: Apr 26, 2023 09:50AM UTC

So, the only way to distinguish is based on time?

Ben, PortSwigger Agent | Last updated: Apr 26, 2023 11:14AM UTC

Hi,

In Burp Professional, if you select the Burp -> Configuration library menu item, this will open up the Configuration Library dialog containing, amongst other items, the pre-built scan configurations. If you select one of these configurations and then click the 'Edit' button, on the right-hand side of the dialog, this will open up the settings for each scan configuration. From here, you can view exactly what settings are enabled in each of the configurations, for both the crawl and the audit phase of the scan, giving you a more complete idea of what each one does.

As noted, the main difference between all of the pre-built configurations is the time taken to crawl and audit the target site and the audit speed (the scan configuration settings have help buttons that will take you to further documentation to explain what a setting does, if you are unsure about any of the specific settings).

tsukiazuma | Last updated: Apr 28, 2023 01:40AM UTC

Oh, I can see it. Thank you.
