Active Scan Queue
Active scanning typically involves sending large numbers of requests to the server for each base request that is scanned, and this can be a time consuming process. When you send requests for active scanning, these are added to the active scan queue, in which they are processed in turn.
The scan queue displays the following details about each item:
- An index number for the item, reflecting the order in which items were added.
- The destination protocol, host and URL.
- The current status of the item, including percentage complete.
- The number of scan issues identified for the item (this is colorized according to the significance and confidence attached to the most serious issue).
- The number of requests made while scanning the item. Note that this is not a linear function of the number of insertion points - observed application behavior feeds back into subsequent attack requests, just as it would for a human tester.
- The number of network errors encountered.
- The number of insertion points created for the item.
- The start and end times of the item's scanning.
This information lets you easily monitor the progress of individual scan items. If you find that some scans are progressing too slowly, you can understand the reasons why, such as large numbers of insertion points, slowness in application responses, network errors, etc. Given this information, you can then take action to optimize your scans, by changing the configuration for insertion points, the scanning engine, or the scan issues being tested.
You can double-click any item in the scan queue to display the issues identified so far, and view the base request and response for the item.
You can use the context menu on the scan queue to perform various actions to control the scanning process. The exact options that are available depend upon the status of the selected item(s), and include:
- Show details - This opens a window showing the issues identified so far, and the base request and response for the item.
- Scan next - This repositions the selected item(s) in the queue so that they are scanned next.
- Cancel - This cancels the selected item(s) so they will not be scanned. If scanning has already begun, there will typically be a short delay while the pending scan requests are completed, and the item is fully canceled.
- Scan again - This duplicates the selected item(s) and adds these to the end of the queue.
- Hide finished items - This hides from view any items that are finished, canceled or abandoned. You can toggle this option to restore items that are hidden.
- Pause / resume scanner - This pauses and resumes the active scanner. If any scanning is currently underway when the scanner is paused, there will typically be a short delay while the pending scan requests are completed.
- Add comment - You can use this function to add a comment to the selected item(s). See Annotations for more details.
- Highlight - You can use this function to apply a highlight to the selected item(s). See Annotations for more details.
- Send to ... - These options are used to send the base request for the selected item to other Burp tools.
You can annotate scan queue items by adding comments and highlights. This can be useful to flag up interesting items for further investigation or to help manage manual operations on a large queue.
You can add highlights in two ways:
- You can highlight individual items using the drop-down menu on the left-most table column.
- You can highlight one or more selected items using the "Highlight" item on the context menu.
You can add comments in two ways:
- You can double-click the relevant entry, within the Comment column, to add or edit a comment in-place.
- You can comment one or more selected items using the "Add comment" item on the context menu.