Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Single thread possibility

Andrej | Last updated: Feb 01, 2018 01:12PM UTC

Hi, with your new update in changing the # of threads into # of concurrent rate limit; could it be possible to limit Active scan to a single thread? I test apps which often have very complex session management, or 1-time CSRF tokens, and I personally feel more confident in a single thread and scanning. Also the debugging of session management/problems with environment are much better with a single thread scanning. And last but not least, when environment becomes very congested/slow, having a single thread is better for stuff like time-based SQL injections. Many thanks

PortSwigger Agent | Last updated: Feb 01, 2018 01:26PM UTC

Hi Andrej, Thanks for getting in touch. This is a good suggestion. The current arrangement had threads = (1.25 * concurrent requests) We're going to look at hard coding the case of 1 concurrent request so it always results in 1 thread. We'll let you know when we make progress.

Liam, PortSwigger Agent | Last updated: Feb 02, 2018 12:09PM UTC

We've updated this feature so that 1 concurrent request always results in 1 thread.

Burp User | Last updated: Mar 15, 2018 06:31PM UTC

This is a great suggestion and would be very helpful for me as well. suggestion++

Burp User | Last updated: Apr 03, 2018 09:49AM UTC

Adding my support to this suggestion, has there been any movement on an update? Thanks

Burp User | Last updated: May 23, 2018 02:19PM UTC

thanks, out of curiosity, is this already present in all the tools [Active scanner, Intruder] and version 1.7.33?

PortSwigger Agent | Last updated: May 23, 2018 02:21PM UTC