Burp Scanner is a tool for performing automated scans of web sites, to discover content and audit for vulnerabilities.
The work involved in performing a scan comprises two key phases:
- Crawling for content - This involves navigating around the application, following links, submitting forms, and logging in where necessary, to catalog the content of the application and the navigational paths within it. Read more
- Auditing for vulnerabilities - This involves analyzing the application's traffic and behavior to identify security vulnerabilities and other issues. Depending on the scan configuration, it may involve sending a large number of requests to the application. Read more
Use the links below for help about using Burp Scanner: