When manually testing an application you often want to perform a scan of a single item of interest or a small range of requests. Burp 2 gives you more powerful ways of doing this.

Burp 1.x

In Burp 1.x, there is a single queue of pending scanning work. You can send individual selected items to this queue via the context menu:


Burp 2.0

In Burp, you can send selected items for scanning in exactly the same way, by choosing "Scan" from the context menu:

The new scan wizard gives you various options. To scan the specific items you selected, leave the scan type selection as "Audit selected items". You can configure anything else you want about the scan, including its configuration, using the wizard:

Once started, the scan appears in Burp's Dashboard, where you can monitor and control its progress.

What makes Burp 2.0 so much more powerful is what happens the next time you select items to be scanned. Burp lets you send those items straight to the task that you already created, or open the scan launcher to create a new task for the selected items:

This new flexibility can considerably improve the efficiency of your testing workflow. You can create multiple parallel scans with different configurations that are optimized for different purposes. For example, you might perform a default scan on all items that look interesting, a very quick scan for just XSS on requests where you see input reflected, or a thorough scan for file path traversal vulnerabilities on any requests relating to file handling.