Burp Suite User Forum

Login to post

Single Page Scanning

Samuel | Last updated: Aug 01, 2022 11:01PM UTC

Hello Portswigger, I'll like to make a feature request in regards to Single Page Scanning. This would be a feature request specifically for BurpSuite Enterprise. Given that a lot of updates have been made to the DAST tool, this doesn't seem to be on the road map for single page scanning. This feature is required as soon as possible because a lot of new applications being created are made with React JS and most applications are moving from a typical page to page methodology to a more simple one page style. Finally other direct competitors like Acunetix 360 and Nessus have these functionalities in place. Are there any plans for Single Page Scanning in place? Thanks.

Liam, PortSwigger Agent | Last updated: Aug 02, 2022 06:50AM UTC

Thanks for your message, Samuel. We've added these improvements to Burp Scanner over the last year or so: Improved single-page application scanning (SPAs) - Burp Scanner now handles navigational actions that cause DOM updates without a synchronous request to the server. Auditing of async traffic - greatly improved scanning of SPAs via an audit of in-scope API requests issued from client-side JavaScript using XHR or Fetch. - https://portswigger.net/burp/pro/roadmap Do you have a SPA you have trouble scanning?

Samuel | Last updated: Aug 02, 2022 07:26PM UTC

Hello Liam thanks for your response. So at the moment, it seems the tool cant scan URL`s that have reference modifiers (#)

Samuel | Last updated: Aug 03, 2022 01:20AM UTC

Another issue is that applications that arent SPA`s but have intricate features buried within a page, Burp isnt able to crawl to hit those features within the page.

Liam, PortSwigger Agent | Last updated: Aug 03, 2022 10:26AM UTC

I've discussed this with our Scanner team. We think we should do a decent job crawling URLs with reference modifiers (#). Could you try setting the following option to YES: Application uses fragments for routing - Single-page applications (SPAs) often use URL fragments for client-side routing. This enables them to display what appear to be several distinct pages without the browser making additional requests to the server. Burp Scanner needs to know whether the target application uses fragments in this way in order to crawl it effectively. By default, if a fragment contains any of the following characters, the crawler assumes that it is used for client-side routing: / \ ? = &. However, you can use this setting to control this manually if you prefer. - https://portswigger.net/burp/documentation/desktop/scanning/crawl-options Please ensure you are using browser-powered scanning and let us know if this helps.

Samuel | Last updated: Aug 03, 2022 11:04AM UTC

Hello Liam, the instructions you sent to me were for Professional, im talking about Burp Suite Enterprise for all issues mentioned in my previous posts.

Liam, PortSwigger Agent | Last updated: Aug 03, 2022 11:33AM UTC

Hi Samuel. Both products use the same scan engine. The option is available in Burp Enterprise via Scan configurations > New configuration > Crawling > Misc.

You need to Log in to post a reply. Or register here, for free.