Burp Scanner is a tool for automatically finding security vulnerabilities in web applications. It is designed to support penetration testers and fits closely into Burp's user-driven testing workflow.
Get help from other users, at the Burp Suite User Forum:
This release contains various new features and enhancements.
The Scanner has been updated with the ability to detect cross-site request forgery vulnerabilities. The Scanner logic for the detection of XSS and SQL injection vulnerabilities has been further enhanced. Burp's use of temporary files has been updated to use a small number of large temporary files, rather than an individual file for each saved HTTP request and response.