Results

DAST

Install with the default options

Install Burp Suite DAST with the default options to get up and running as fast as possible.

PROFESSIONAL COMMUNITY

Testing for web message DOM XSS with DOM Invader

Web message DOM XSS occurs if the destination origin for a web message trusts the sender not to transmit malicious data in the message, and handles the data ...

PROFESSIONAL DAST

Submitting BChecks to the community

When you write a BCheck for Burp Suite, you can share it with the community. This collaboration enables the community to access an ever-growing library of ...

DAST

Configuring site and scan data settings

Cloud Self-hosted You can configure Burp Suite DAST to create new sites for API-generated scans. You can also change the criteria that identify issues as ...

PROFESSIONAL DAST

BCheck definitions

BChecks are custom scan checks that you can create and import. Burp Scanner runs these checks in addition to its built-in scanning routine, helping you to ...

DAST

Managing certificates for outbound connections

Self-hosted You can add or remove certificates so that Burp Suite DAST knows which external systems to trust. For example, you can add certificates for ...

DAST

Installing the application (Kubernetes)

Burp Suite DAST uses Helm to manage installation and configuration. In order to install the application you first need to download its Helm chart. ...

DAST

Best practices for scanning

Cloud Self-hosted Burp Suite DAST provides preset scan configurations for easy setup. These work for most cases, but some applications may need to use ...

PROFESSIONAL COMMUNITY

Scoping the effort to audit a website

Before you start testing, it's useful to estimate how much time and effort is required to audit the target website. These are some of the factors that have ...

DAST

Activating your license (Standard)

When you log in to Burp Suite DAST for the first time, you are prompted to activate your license before you can begin using the product. Note Before you ...