Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Stop the Audit of a Project After a Defined Time Period

Jase | Last updated: Mar 13, 2020 06:18PM UTC

We would like to limit the load that our Burp scans are placing on a server after, let's say, an hour. We see that the crawl time can be defined, but we don't see any options to stop processing Audits after a certain time period has transpired. Is there a way to accomplish this in the PRO version? If there is no a way to define the audit time for a project, is there an API call that can be made to stop the processing of the project? I see that scans can be paused, but I don't see any stop options in the UI, so I was hoping the API might have a call to trigger this action. Thanks.

Hannah, PortSwigger Agent | Last updated: Mar 16, 2020 10:28AM UTC

We do not currently have a way to limit the time taken to audit. You can control how Burp reacts to handling application errors during the audit, and you can configure your resource pool to reduce the load that Burp scans are placing on your server. These settings can be found when configuring your scan. You can also schedule a task to pause the task execution engine at a specific time. You can find this setting under "Project options > Misc > Scheduled tasks". You may want to write an extension for this functionality. You can find our Extender API documentation here: https://portswigger.net/burp/extender/api/index.html The IScanQueueItem interface allows you to cancel items in your scan queue. You could also use IBurpExtenderCallbacks.exitSuite() to exit Burp Suite after a certain amount of time. On reopening your project file, all scans in progress would be paused.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.