login

Burp Suite, the leading toolkit for web application security testing

Target Analyzer

This function can be used to analyze a target web application and tell you how many static and dynamic URLs it contains, and how many parameters each URL takes. This can help you assess how much effort a penetration testing engagement is likely to involve, and can help you decide where to focus your attention during the test itself.

To access this feature, select one or more hosts or branches within the site map, and choose "Analyze site map" within "Engagement tools" in the context menu.

The Target Analyzer dialog contains the following tabs:

The following points are worth noting about the target analyzer:

User Forum

Get help from other users, at the Burp Suite User Forum:

Visit the forum ›

Tuesday, November 18, 2014

v1.6.08

This release contains various new features and enhancements.

The Scanner has been updated with the ability to detect cross-site request forgery vulnerabilities. The Scanner logic for the detection of XSS and SQL injection vulnerabilities has been further enhanced. Burp's use of temporary files has been updated to use a small number of large temporary files, rather than an individual file for each saved HTTP request and response.

See all release notes ›

Copyright © 2014 PortSwigger Ltd. All rights reserved.