Burp Suite User Forum

Create new post

Which extensions to use?

Sudarshan | Last updated: Dec 08, 2023 06:29AM UTC

I want to perform basic vapt scanning on a domain or subdomains. So which are all the extensions that i can use for basic scanning.

Hannah, PortSwigger Agent | Last updated: Dec 08, 2023 10:10AM UTC

Hi. If you're using Burp Suite Professional, then we have a built-in Scanner available. You can check out the full list of vulnerabilities that it can scan for here: https://portswigger.net/burp/documentation/scanner/vulnerabilities-list If you're interested in further extending the Scanner's capabilities, then we do have a wide variety of extensions available that can add additional Scanner checks. You can find these in the BApp Store (Extensions > BApp Store). Additionally, we recently introduced the capability to quickly write your own custom scan checks in Burp using a simple language. These are called BChecks - you can find out more about these here: https://portswigger.net/burp/documentation/scanner/bchecks

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.