PROFESSIONAL

Viewing attack results

• Last updated: January 27, 2023

• Read time: 2 Minutes

You can view details of every request and response issued in the attack in the results window. Results are displayed in a table in the Results tab.

To configure the results table, click on the Columns menu and select or deselect columns. The following options are available:

• Request - The request index number. If the attack was configured to make an unmodified baseline request, this appears as item number 0 in the table.
• Position - The position number for the current payload (for sniper attacks).
• Payload - The payload(s) used in the request.
• Status - The HTTP status code.
• Time of day - The time of day the request was made.
• Response received - The time taken to begin receiving a response (in milliseconds).
• Response completed - The time taken for the response to complete (in milliseconds).
• Error - Whether a network error occurred when issuing the request.
• Timeout - Whether a timeout occurred when waiting for or processing the response.
• Length - The length of the response in bytes.
• Cookies - Any cookies received in the response.
• Comment - Any user-applied comment.

The following details are also available if the appropriate options are configured:

• The results of any match grep items.
• The data extracted from any extract grep items.
• Whether or not the payload was echoed in the response, if payload grep was configured.
• Redirects followed - The number of redirections that were followed.

Viewing a request

Select any item in the table to view the request and response.

If an attack is configured to follow redirections, Burp also displays all intermediate responses and requests.

Double-click an item to open the request and response in a new window.