PROFESSIONAL

Saving attacks

  • Last updated: January 27, 2023

  • Read time: 2 Minutes

Burp Intruder attacks are not saved by default, as they can result in large project files. With the results window open, you can use the commands in the top-level Save menu to save various aspects of the attack:

  • Results table - Save the results table as a text file, which you can use for further analysis.

    • You can configure which rows and columns to save, and the delimiter. This means, for example, that you can save a single column to use as an input file for subsequent attacks.
  • Server responses - Save the full responses received for all requests. You can choose whether these are saved as sequentially numbered individual files, or sequentially concatenated into a single file.
  • Attack configuration - Save the configuration of the current attack as a file.

    • You can use a saved attack configuration with future attacks. Go to the top level Intruder menu and select Load attack config.
  • Project file - Save a complete copy of the attack configuration and results to the project file. This option is only available for disk-based projects.

    • You can save the attack to project file before, during, or after the attack. The state of the attack is saved from that point on.
    • If you close a saved attack, select Open saved attack in Burp's top-level Intruder menu to open it later.

Note

Intruder attacks can no longer be saved to state files. Legacy state files can still be loaded, by selecting Open saved attack from the top level Intruder menu.

Closing attacks

If you close an attack window while an attack is in progress, you are prompted to either:

  • Let the attack carry on in the background.
  • Discard the attack.

If you close an attack window once the attack is finished, you can also choose to save the attack to a project file (for disk-based projects).

To set a default answer for either prompt, go to the top-level Intruder menu and select Close attack results preferences.

Note

If you are missing information on the attack results table, you may have shut down Burp Suite while an attack was in progress, before the relevant requests could be sent.

Was this article helpful?