PROFESSIONAL

Viewing attack results

  • Last updated: January 27, 2023

  • Read time: 2 Minutes

You can view details of every request and response issued in the attack in the results window. Results are displayed in a table in the Results tab.

To configure the results table, click on the Columns menu and select or deselect columns. The following options are available:

  • Request - The request index number. If the attack was configured to make an unmodified baseline request, this appears as item number 0 in the table.
  • Position - The position number for the current payload (for sniper attacks).
  • Payload - The payload(s) used in the request.
  • Status - The HTTP status code.
  • Time of day - The time of day the request was made.
  • Response received - The time taken to begin receiving a response (in milliseconds).
  • Response completed - The time taken for the response to complete (in milliseconds).
  • Error - Whether a network error occurred when issuing the request.
  • Timeout - Whether a timeout occurred when waiting for or processing the response.
  • Length - The length of the response in bytes.
  • Cookies - Any cookies received in the response.
  • Comment - Any user-applied comment.

The following details are also available if the appropriate options are configured:

  • The results of any match grep items.
  • The data extracted from any extract grep items.
  • Whether or not the payload was echoed in the response, if payload grep was configured.
  • Redirects followed - The number of redirections that were followed.

Related pages

For more information on redirections, and the grep configuration options, see Burp Intruder Options.

Viewing a request

Select any item in the table to view the request and response.

Intruder viewing requests

If an attack is configured to follow redirections, Burp also displays all intermediate responses and requests.

Double-click an item to open the request and response in a new window.

Related pages

Burp Intruder has a range of functions to help you analyze the results, for more information see Analyzing attack results.

Was this article helpful?