login

Burp Suite, the leading toolkit for web application security testing

Active Scan Queue

Active scanning typically involves sending large numbers of requests to the server for each base request that is scanned, and this can be a time consuming process. When you send requests for active scanning, these are added to the active scan queue, in which they are processed in turn.

The scan queue displays the following details about each item:

This information lets you easily monitor the progress of individual scan items. If you find that some scans are progressing too slowly, you can understand the reasons why, such as large numbers of insertion points, slowness in application responses, network errors, etc. Given this information, you can then take action to optimize your scans, by changing the configuration for insertion points, the scanning engine, or the active scanning areas being tested.

You can double-click any item in the scan queue to display the issues identified so far, and view the base request and response for the item.

You can use the context menu on the scan queue to perform various actions to control the scanning process. The exact options that are available depend upon the status of the selected item(s), and include:

User Forum

Get help from other users, at the Burp Suite User Forum:

Visit the forum ›

Tuesday, April 15, 2014

v1.6

Burp Suite Free Edition v1.6 contains significant new features added since v1.5, including support for WebSockets messages, PKCS#11 client SSL certificates contained in smart cards and physical tokens, a new Extender tool, allowing dynamic loading and unloading of multiple extensions, and the BApp Store, allowing quick and easy installation of extensions written by other Burp users.

Burp Suite Professional contains a number of bugfixes and tweaks, added since the last beta version.

See all release notes ›

Copyright © 2014 PortSwigger Ltd. All rights reserved.