Burp Scanner is a tool for performing automated scans of web sites, to discover content and audit for vulnerabilities.
The work involved in performing a scan comprises two key phases:
Crawling for content - This involves navigating around the application, following links, submitting forms, and logging in where necessary, to catalog the content of the application and the navigational paths within it. Read more
Auditing for vulnerabilities - This involves analyzing the application's traffic and behavior to identify security vulnerabilities and other issues. Depending on the scan configuration, it may involve sending a large number of requests to the application. Read more
Use the links below for help about using Burp Scanner: