Enterprise EditionProfessional

Built-in configurations

  • Last updated: March 1, 2024

  • Read time: 7 Minutes

Burp includes a number of built-in scan configurations that enable you to modify how Burp Scanner crawls and audits web applications. This page explains the settings changed in each built-in configuration, and gives example use cases for them.

Settings changed

Disables JavaScript analysis in the Issues Reported options.

Example use cases

This configuration disables resource-intensive JavaScript analysis in the Issues Reported settings, which can significantly improve scan performance. This can be useful if the machine the scan is running on does not have the resources to run Burp's browser well.

Settings changed

Disables time-based detection methods in the Issues Reported options. These methods are typically used to detect blind vulnerabilities.

Example use cases

This configuration reduces scanning time, as time-based detection methods include potentially lengthy processes such as intentionally causing page time-outs and making database sleep calls.

Settings changed

Selects only BCheck generated issues in the Issues Reported options.

Example use cases

This configuration only scans for custom issues generated by BChecks. This is useful for focusing on a specific issue with a BCheck, or debugging a BCheck's functionality.

Settings changed

Selects only the most critical issues to audit in the Issues Reported options.

Example use cases

This configuration reduces scanning time, as Burp Scanner does not need to spend time checking for non-critical issues. The issues returned are those most likely to cause damage or data loss to the target application.

Settings changed

Selects only Extension generated issues in the Issues Reported options.

Example use cases

This configuration only scans for custom issues generated by extensions. This is useful for focusing on a specific issue with an extension or debugging an extension's functionality.

Settings changed

Disables Medium active and Intrusive active audit checks. This configuration only checks for the following issues:

  • Passive issues are issues that can be detected by examining the application's normal requests and responses.
  • Light active issues require only a small number of benign additional requests.
  • JavaScript analysis issues are those that can be detected by executing the JavaScript code of the site to check it for vulnerabilities.
Example use cases

This configuration significantly reduces the risk of damage or data loss to the target application from the audit phase of the scan.

Settings changed

Disables Intrusive active scan checks. This configuration only checks for the following issues:

  • Passive issues are issues that can be detected by examining the application's normal requests and responses.
  • Light active issues require only a small number of benign additional requests.
  • Medium active issues require Burp Scanner to make requests that might be regarded as malicious.
  • JavaScript analysis issues are those that can be detected by executing the JavaScript code of the site to check it for vulnerabilities.
Example use cases

This configuration reduces the risk of Burp Scanner damaging the web application or causing data loss. Note that Medium active and Light active scans may still impact how the web application runs.

Settings changed

Selects only Passive audit checks from the Issues Reported options. Passive issues are those that can be detected by auditing normal requests and responses.

Example use cases

This configuration results in an entirely non-intrusive scan that should not affect the running of the web application.

Settings changed

Selects the following audit phase options to maximize coverage:

  • Selects the most extensive set of payload variations and insertion point options possible.
  • Disables optimization options designed to speed up tests or skip potentially redundant tests.
  • Disables passive issue consolidation.
  • Enables JavaScript analysis and sets a 10 minute maximum execution time.
Example use cases

This configuration results in the most comprehensive scan possible, ensuring that no potential issues are missed. This may result in duplicated reporting of issues, and scans requiring more time and resources.

Settings changed

Sets the Audit speed option to Thorough in the Audit Optimization options.

Example use cases

This configuration tries more payload variations during the audit phase than it would using the default setting. This may discover some additional edge case issues, but comes at the expense of some speed.

Settings changed

Based on the Balanced scan mode. This configuration uses a combination of crawl and audit settings that should see scans complete in a few hours.

Example use cases

This configuration is useful for general-purpose scanning. It is designed to give a good balance between coverage and speed.

Settings changed

Uses a combination of crawl and audit settings that are optimized for scans that run in your CI/CD pipeline. It gives a high-level overview of a target as quickly as possible.

Example use cases

This is the default scan configuration for Burp Suite Enterprise Edition when you use CI-driven scans.

Settings changed

Based on the Deep scan mode. This configuration uses a combination of crawl and audit settings that are intended to give a high level of coverage. The time taken to run a scan using the Deep configuration depends heavily on the site's size and complexity.

Example use cases

This configuration is most useful as a means of getting an in-depth look at a site's security posture.

Settings changed

Based on the Fast scan mode. This configuration uses a combination of crawl and audit settings that should see scans complete in around an hour.

Example use cases

This configuration is useful if you need to get a general overview of a site's security posture quickly.

Settings changed

Based on the Lightweight scan mode. Uses a combination of crawl and audit settings intended to give a very high-level overview of a target as quickly as possible. This configuration sets a maximum length of 15 minutes on all scans.

Example use cases

This configuration is useful in situations where you need fast feedback on a target, such as scanning as part of a CI/CD pipeline. It can also help you to plan your manual penetration testing, enabling you to quickly map out an attack surface and find any obvious vulnerabilities.

Settings changed

Limits the crawl phase to 10 minutes Maximum crawl time and 1500 Maximum unique locations discovered in the Crawl Limits options.

Example use cases

This configuration results in a very quick crawl phase for large sites. Limiting the time taken can result in a shallower crawl but still achieve good coverage of the site, as Burp Scanner prioritizes breadth when crawling.

Settings changed

Limits the crawl phase to 30 minutes Maximum crawl time and 1500 Maximum unique locations discovered in the Crawl Limits options.

Example use cases

This configuration results in a quick crawl phase for large sites. Limiting the time taken can result in a shallower crawl but still achieve good coverage of the site, as Burp Scanner prioritizes breadth when crawling.

Settings changed

Limits the crawl phase to 60 minutes Maximum crawl time and 1500 Maximum unique locations discovered in the Crawl Limits options.

Example use cases

This configuration results in a reasonably quick crawl phase for large sites. Limiting the time taken can result in a shallower crawl but still achieve good coverage of the site, as Burp Scanner prioritizes breadth when crawling.

Settings changed

Sets the Crawl strategy option in the Crawl Optimization settings to Faster.

Example use cases

This configuration means that the scan's crawl phase runs faster. It is suitable for web applications where the URLs are largely static and stateful functionality is limited.

Settings changed

Sets the Crawl strategy option in the Crawl Optimization settings to Fastest.

Example use cases

This configuration means that the scan's crawl phase runs at its fastest. It is suitable for web applications where the URLs are entirely static, with no stateful functionality.

Settings changed

Sets the Crawl strategy in the Crawl Optimization options to More complete.

Example use cases

This configuration tunes the crawl phase of a scan to work best with web applications that have volatile or overloaded URLs, and/or more complex stateful functionality, at the expense of some speed.

Settings changed

Sets the Crawl strategy option in the Crawl Optimization options to Most complete.

Example use cases

This configuration tunes the crawl phase of a scan to work best with web applications that have very volatile or overloaded URLs, and/or very complex stateful functionality, at the expense of speed.

Settings changed

Sets the Audit accuracy option in the Audit Optimization options to Minimize false negatives.

Example use cases

This configuration minimizes false negatives for some vulnerability types, helping to ensure that no potential issues are missed. This configuration can result in Burp Scanner returning additional false positives.

Settings changed

Sets the Audit accuracy option in the Audit Optimization options to Minimize false positives.

Example use cases

This configuration minimizes false positives for some vulnerability types, at the expense of returning some potential false negatives. Note that this configuration can increase scan time, because minimizing false positives requires Burp Scanner to re-scan potential vulnerabilities.

Settings changed

When scanning with this configuration, Burp Scanner does not pause the task if it encounters multiple consecutive errors during the audit phase. This configuration overrides the default setting, which pauses if 10 consecutive audit items fail.

Example use cases

This configuration may be preferable for unattended scanning.

Settings changed

When scanning with this configuration, Burp Scanner does not pause the task if it encounters multiple consecutive errors during the crawl phase. This configuration overrides the default setting, which pauses if 10 consecutive crawl items fail.

Example use cases

This configuration may be preferable for unattended scanning.

Was this article helpful?