Burp Collaborator is an external service that Burp can use to help discover many kinds of vulnerabilities. For more details about how Burp Collaborator works and the alternative ways of using it, see the main Burp Collaborator documentation.
Note: The functionality of Burp Collaborator gives rise to issues that require careful consideration by users. Users should ensure that they fully understand how Burp Collaborator works and the alternative ways of using it, and have considered the consequences of using it for themselves and their organization.
The following options for using Burp Collaborator server are available:
Use the default Collaborator server - This default option uses a public Collaborator server provided by PortSwigger. This server is shared between all Burp users who use it. If the public Collaborator server suffers from any service outage or degradation, then the efficacy of Collaborator-related functionality within Burp may be impaired. For this reason, PortSwigger makes no warranty about the availability or performance of this server.
Don't use Burp Collaborator - With this option, none of the Collaborator-related capabilities within Burp will be available.
Use a private Collaborator server - This option lets you use your own instance of the Collaborator server. See the documentation on deploying a private Collaborator server if you would like to do this.
If you are using a private Collaborator server, you will need to configure Burp with the details of its location. The following options are available:
Server location - This is the domain name or IP address of your server. If you specify the server by IP address, then Burp's Collaborator-related functionality that relies on DNS resolution will not be available. For more details, see the main Burp Collaborator documentation.
Polling location (optional) - This optional field lets you specify the location where your private Collaborator server answers polling requests. Collaborator servers can be configured to receive interactions and answer polling requests on different network interfaces, if required. You can specify the polling location by hostname or IP address, with an optional port number separated by a colon. For example, 10.20.30.40:8008.
The following further options are also available:
Poll over unencrypted HTTP - By default, Burp polls the Collaborator server over HTTPS, and enforces TLS trust to prevent man-in-the-middle attacks. If your instance of Burp is unable to poll directly over HTTPS due to network or other limitations, you can opt to poll over unencrypted HTTP.
Run health check - This button displays a dialog that performs a quick health check of your configured Collaborator server. It verifies whether it is possible to interact with the server using various network services, and whether Burp can retrieve the details of these interactions via polling. Based on these tests, you can determine whether Burp is likely to be able to make use of all, some, or none of the Collaborator's features.
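As an added example (not part of the Burp documentation and not PortSwigger code), the following Python code checks a private-server configuration against the constraints described above before the values are entered into Burp. The function and parameter names are hypothetical, the sample values are constructed, and the polling location is assumed to be a hostname or IPv4 address.

```python
import ipaddress


def is_ip(host):
    """True if host is a literal IP address rather than a domain name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def split_host_port(value):
    """Parse the polling-location form 'host' or 'host:port'."""
    host, sep, port = value.strip().rpartition(":")
    if not sep:
        host, port = value.strip(), None
    elif port.isdigit() and 1 <= int(port) <= 65535:
        port = int(port)
    else:
        raise ValueError(f"invalid port in {value!r}")
    if not host:
        raise ValueError(f"missing host in {value!r}")
    return host, port


def audit_collaborator_settings(server_location, polling_location="", poll_over_http=False):
    """Return a list of findings for a private Collaborator configuration."""
    findings = []
    server = server_location.strip()
    if not server:
        findings.append("server location is empty")
    elif is_ip(server):
        findings.append("server location is an IP address: Collaborator "
                        "functionality that relies on DNS resolution is unavailable")
    if polling_location.strip():  # optional field
        try:
            split_host_port(polling_location)
        except ValueError as exc:
            findings.append(f"polling location rejected: {exc}")
    if poll_over_http:
        findings.append("polling over unencrypted HTTP: no TLS protection "
                        "against man-in-the-middle attacks on polling traffic")
    return findings


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    for finding in audit_collaborator_settings("10.20.30.40", "10.20.30.40:8008", True):
        print("WARN:", finding)
```

An empty result means none of the documented limitations apply; the "Run health check" button remains the way to confirm that the server is actually reachable.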
These settings control logging of HTTP requests and responses. Logging can be configured per-tool or for all Burp traffic.
Burp's embedded browser is sandboxed by default. However, in a few very specific circumstances, such as when running on Linux as root, you might not be able to launch browser-powered scans using the sandbox.
If you run into issues, use the "Embedded Browser Healthcheck" to see if this is the cause. If so, you can enable the option "Allow the embedded browser to run without a sandbox". However, before doing this, please make sure that you are aware of the security implications. Scanning hostile websites without the sandbox increases the risk of your local system being compromised.