Burp Suite User Forum


Skipping Tests & URL's in Audit

George | Last updated: Apr 22, 2022 09:24AM UTC

I'm trying to reduce the time it takes for a scan to complete. I've noticed some URLs are taking a long time to scan, and there are a lot of duplicate parameters I'd like to try and filter out, but I haven't been successful so far.

1. The first issue is trying to create a regex in the skip all tests section of the audit configuration. I would like to skip all tests for any parameter with the name 'column' at the start. I tried using this regex, but with no success: ^(column).* Are there any quirks with restricting particular parameters using a regex, or any way to easily test this? (It works in any regex testing site.)

2. The second issue I am having is trying to skip the audit for a particular URL, for example https://host.com/login. I've set the skip all tests for these parameters section to: URL Path Filename = login. But this doesn't work as expected, as a lot of tests are still being performed for this URL. I can't use the exclude URLs part of the scan, as I need this URL to be crawled and used for the login of the site.

Michelle, PortSwigger Agent | Last updated: Apr 25, 2022 10:19AM UTC

Thanks for your message. If you want to exclude a specific parameter from being used as an insertion point when you go to Audit configuration -> Ignored Insertion Points -> Skip all tests for these parameters, you should be able to enter the following details, so it sounds like you're on the right lines.

Match item: Any parameter (or as appropriate for your scenario)
Name or value: Name
Match Type: Matches regex
Match expression: column.*

This should then match parameters such as column1 and column2. Can you email support@portswigger.net with some screenshots of the setup you're using and some examples of what's being found so we can take a closer look, e.g. are you just trying to exclude a specific parameter, please?

For your second issue, can you email support@portswigger.net with a few more details on the site you're testing, the background behind needing to exclude the login page from the audit, some details on how the login page functions (e.g. does it redirect to another URL for the actual authentication) and how you're currently setting up the scan, please?
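As an added illustration (this is not code from the thread, and not Burp's own implementation), the following Python models the two skip rules discussed above against a few constructed URLs. It assumes a plain re.search for "Matches regex" and an exact string comparison for "URL Path Filename"; how Burp actually anchors the regex or compares filenames is not stated on this page, so use the model to reason about what a rule could over- or under-match, then confirm against a real scan.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample requests for the demonstration (not from the thread).
SAMPLE_URLS = [
    "https://host.com/search?column1=id&column2=name&sort_column=asc&q=test",
    "https://host.com/login?username=alice&password=secret",
    "https://host.com/login.php?next=/home",
]


def insertion_points(url):
    """Return (path, name, value) for every query parameter in the URL.

    This stands in for the insertion points a scanner would derive from
    the request; body and header parameters are deliberately left out.
    """
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    return [(parts.path, name, value) for name, value in pairs]


def name_matches(pattern, name, mode="search"):
    """Apply a 'Matches regex' rule to a parameter name.

    mode="search" (assumed default) matches anywhere in the name, so an
    unanchored 'column.*' also hits 'sort_column'.  mode="fullmatch"
    requires the whole name to match.  Which semantics Burp uses is not
    established by the thread; the point is to see the difference.
    """
    if mode == "search":
        return re.search(pattern, name) is not None
    if mode == "fullmatch":
        return re.fullmatch(pattern, name) is not None
    raise ValueError(f"unknown mode: {mode}")


def path_filename(path):
    """Last path segment, e.g. '/login.php' -> 'login.php'."""
    return path.rsplit("/", 1)[-1]


def audited_points(url, skip_name_regex=None, skip_filename=None, mode="search"):
    """Return the (path, name) insertion points that survive the skip rules.

    skip_name_regex models 'Skip all tests for these parameters' with a
    regex on the parameter name; skip_filename models an exact
    'URL Path Filename' rule (assumption: exact match, so 'login' does
    not cover 'login.php').
    """
    kept = []
    for path, name, _value in insertion_points(url):
        if skip_filename is not None and path_filename(path) == skip_filename:
            continue
        if skip_name_regex is not None and name_matches(skip_name_regex, name, mode):
            continue
        kept.append((path, name))
    return kept


if __name__ == "__main__":
    for pattern in ("column.*", "^(column).*"):
        print(pattern, "->", audited_points(SAMPLE_URLS[0], skip_name_regex=pattern))
    for url in SAMPLE_URLS[1:]:
        print(url, "->", audited_points(url, skip_filename="login"))
```

Running it shows why the anchor matters: under search semantics the unanchored column.* also removes sort_column from the audit, while ^(column).* leaves it in, and a filename rule of login says nothing about login.php. The same kind of check, done against the real target's parameter names before the scan, tells you whether a rule is too broad as well as whether it fires at all.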
