Burp Suite User Forum

Set "Live Audit from Proxy" on Burp Start-up to "In-Suite Scope Only"

Zhu, | Last updated: Sep 11, 2023 03:31PM UTC

Hi, when Burp Suite starts, it has two automatic tasks configured, one called Live Passive Crawl and another called Live Audit from Proxy. I don't want the "Live Audit from Proxy" firing random payloads at sites that I don't add to my scope, such as Google or Facebook. Right now, I have to manually set it to scoped assets only every time I run Burp. Is there a way to automate this? Thanks.

Dominyque, PortSwigger Agent | Last updated: Sep 12, 2023 07:19AM UTC

Hi, thank you for your question! There is no way to automate this. It should be noted that these are a passive crawl and audit. Therefore, no requests are being sent to the sites you visit. It is simply monitoring the traffic that is already there.

Zhu, | Last updated: Sep 12, 2023 02:53PM UTC

Hi Dominyque, Our IDS (working both ways) detected that I was throwing SQL injections against Google despite the fact that I had been idling on one of our internal applications, not doing anything except letting the Burp crawler and auditor run. Can you confirm if the audit function really doesn't perform any requests?

Dominyque, PortSwigger Agent | Last updated: Sep 13, 2023 07:46AM UTC

Hi Zhong, we can confirm that the passive crawling and auditing do not perform any requests. This can be seen under 'Live audit from Proxy': after viewing sites on the embedded browser, the number of requests should remain at 0, and if you click on 'View Details', the Logger tab should be empty.
