DAST
Burp Suite DAST - Reference
-
Last updated: May 22, 2025
-
Read time: 2 Minutes
Burp Suite DAST is a web-based application that allows you to use Burp Scanner's cutting-edge web scanning logic to uncover dozens of different types of vulnerability. It is designed for automated scanning at any scale, and integration with software development processes. For an overview of Burp Suite DAST, please refer to the product page.
Technical infrastructure
Familiarize yourself with the components that make up Burp Suite DAST, as well as the required infrastructure and related system requirements.
- Architecture overview - Standard instances.
- Architecture overview - Kubernetes instances.
- Scanning machines
Troubleshooting in Burp Suite DAST
Burp Suite DAST provides a range of features to help you troubleshoot any problems that you run into.
API reference
Burp Suite DAST also provides both a REST API and GraphQL API. For more information, please refer to the API reference documentation.
User interface
The pages that follow describe the user interface, and include links to further information:
- Home page
- Sites page
- Scans page
- Site and scan data settings
- Custom scan settings.
- Team page
- Settings menu
- Site-level view
- Folders
- Issue details
- Reports
- Issue details
- Reports
- Browser-powered scanning
- Bulk actions in the site tree
- User activity log
- Unattended installation
- Network and firewall rule reference
- Multi-factor authentication settings
Warning
Like any security testing software, Burp Suite contains functionality that can damage target systems. Testing for security flaws inherently involves interacting with targets in non-standard ways that can cause problems in some vulnerable targets. You should take due care when using Burp, read all documentation before use, back up target systems before testing, and not use Burp against any systems for which you are not authorized by the system owner, or for which the risk of damage is not accepted by you and the system owner.