Results

DAST

Managing groups locally

Cloud Self-hosted Groups allow you to map users to their relevant roles. This enables you to assign the permissions for a chosen set of roles to all the ...

DAST

Trial setup guide

Get started deploying Burp Suite DAST.

DAST

Assigning scan limits

Self-hosted To avoid placing too much load on your scanning machines, you can limit the maximum number of concurrent scans that they can run. For newly ...

PROFESSIONAL COMMUNITY

Testing for OS command injection vulnerabilities

OS command injection is a vulnerability that enables an attacker to execute arbitrary operating system (OS) commands on the server that is running an ...

DAST

Scanning web apps

Cloud Self-hosted You need to create a site in order to scan a web app. You can add an unlimited number of sites. In this context, the term web app refers ...

DAST

Tracking issues over time

Cloud Self-hosted Burp Suite DAST generates statistics and charts to help you track your progress over time. This page explains how to use the trend ...

PROFESSIONAL

Testing for blind XSS

Blind cross-site scripting (XSS) is a type of stored XSS in which the data exit point is not accessible to the attacker, for example due to a lack of ...

DAST

Configuring database backups

Self-hosted If you use the bundled H2 database, you can control your database backup settings from within Burp Suite DAST as follows: Log in to Burp Suite ...

PROFESSIONAL COMMUNITY

Performing HTTP/2-exclusive attacks

When you intercept a request in Burp Proxy, or send it to Burp Repeater, the Inspector enables you to work with HTTP/2 headers and pseudo-headers in a way ...

DAST

Run your first scan

Learn how to run a web vulnerability scan in Burp Suite DAST. Scan your modern web applications with Burp Scanner.