Results

DAST

Install with the default options

Install Burp Suite DAST with the default options to get up and running as fast as possible.

PROFESSIONAL COMMUNITY

HTTP/2 basics for Burp users

In this section, we'll provide a brief overview of some of the fundamentals of HTTP/2. We'll focus exclusively on the parts that are relevant to Burp. A ...

DAST

Performing common tasks with the GraphQL API

This page details some common tasks that you can perform using Burp Suite DAST's GraphQL API. This document is intended to complement the API reference, ...

DAST

Integrating a CI-driven scan with GitHub Actions

Cloud Self-hosted You can integrate a CI-driven scan with GitHub Actions. This enables you to use Burp Scanner to run scans as a stage in your existing ...

DAST

Configuring SAML SSO with Okta

Cloud Self-hosted This section explains how to configure SAML SSO using Okta as your identity provider. You may also need to refer to the Okta ...

PROFESSIONAL COMMUNITY

Evaluating inputs with Burp Suite

Once you have discovered functionality that is worth investigating further, you can use a range of Burp's tools to evaluate the user controllable inputs. ...

DAST

Performing bulk actions with scans

Cloud Self-hosted The bulk actions menu enables you to cancel or delete multiple scans at the same time. You can also use the Scan again option to scan the ...

PROFESSIONAL COMMUNITY

Identifying high-risk functionality with Burp Suite

You can use the Target site map and the Proxy history to identify high-risk functionality as you browse your target website. This enables you to plan how ...

PROFESSIONAL

Active scan check worked example

You can extend Burp Scanner by writing your own scan checks. A custom scan check can report new security issues that Burp doesn't detect natively. In this ...

PROFESSIONAL COMMUNITY

Credential stuffing with Burp Suite

Credential stuffing is a form of brute-force attack in which you attempt to log into a website using known username and password combinations from other ...