This function can be used to discover content and functionality which is not linked from visible content that you can browse to or spider.
To access this function, select an HTTP request anywhere within Burp, or any part of the Target site map, and choose "Discover content" within "Engagement tools" in the context menu.
Burp uses various techniques to discover content, including name guessing, web spidering, and extrapolation from naming conventions observed in use within the application. Discovered content is displayed within a special site map that is specific to the discovery session, and can also optionally be added to the main suite site map.
This tab shows you the current status of the discovery session.
The toggle button indicates whether the session is running, and lets you pause and restart the session.
The following information is displayed about the progress of the discovery session:
The individual discovery tasks that are queued are shown in a table. The discovery engine works recursively, and when a new directory or file is discovered, further tasks are derived from this, depending on the configuration. For example, when a new directory is discovered, Burp might add tasks to look for sub-directories and files within that directory; or, when a new file is discovered, Burp might add a task to check for the same base filename with different file extensions. Newly added tasks are prioritized according to their likelihood of quickly discovering new content.
These options let you define the start directory for the content discovery session, and whether files or directories should be targeted. The following options are available:
These options let you configure the sources that Burp should use for generating filenames to test. The following options are available
These settings control how the discovery session adds file extensions to file stems that are being tested. The file stems themselves are derived according to the filenames options. When each file stem is tested, Burp check for various different extensions, according to these settings. The following options are available:
These settings control the engine used for making HTTP requests when discovering content, and interaction with the suite site map. The following options are available:
The discovery session employs its own site map, showing all of the content which has been discovered within the defined scope. If you have configured Burp to do so, newly discovered items will also be added to Burp's main site map.
Get help and join the community discussions at the Burp Suite Support Center.
This release adds a new scan check for client-side template injection.