Browser-powered scanning for Burp Suite Enterprise Edition
Browser-powered scanning is an invaluable feature that unleashes the full capability of Burp Scanner. When browser-powered scanning is enabled, Burp Scanner uses an embedded browser to perform all navigation during both the crawl and audit phases of a scan. Navigating the target in this way enables it to accurately handle virtually any client-side technology that a modern browser can. This has the potential to offer dramatically increased coverage compared to the previous crawler engine.
Enabling browser-powered scanning also allows you to take advantage of some new features that rely on the embedded browser to work. Most notably, you can record and upload full login sequences so that Burp Scanner is able to successfully handle more complex login mechanisms, including single sign-on.
How to enable browser-powered scanning for Burp Suite Enterprise Edition
Many users won't need to do anything to enable browser-powered scanning. When using the default scan configuration, Burp Scanner will automatically check your machine's specs. If it appears to meet the system requirements, all scans will use the embedded browser by default. Otherwise, scans will revert to the previous crawler engine.
If you prefer, you can also manually enable or disable browser-powered scanning in your scan configuration. You can find this option under "Crawling" > "Miscellaneous" > "Use embedded browser for crawl and audit".