Burp Suite Enterprise Edition is now available in our secure Cloud  –  Learn more
Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Personalize your scanning experience with custom scan checks

BChecks is a new feature in Burp Suite Enterprise Edition (originally introduced to Burp Suite Professional a few months back) that enables you to extend the types of vulnerabilities searched for within a scan. Using BChecks as part of your automated scanning enables you to look for vulnerabilities tailored to your web application portfolio and react quickly to zero-day vulnerabilities.

Now, from Burp Suite Enterprise Edition version 2023.12, you can upload BChecks into the BChecks tab of the Extensions section and enable them on a site/folder level to be applied to any scans that target that site. Any vulnerabilities identified from those BChecks will be displayed in the Issues tab alongside any other issues enabled by your scan configuration.

Click here to find out more about BChecks in Burp Suite Enterprise Edition

A screenshot displaying BChecks being added to Burp Suite Enterprise Edition.

Since 2023.6.2, BChecks can be created, tested, and applied within Burp Suite Professional. By applying BChecks, you can easily extend the scope of the vulnerabilities that Burp Scanner looks for without the hassle of writing and building an extension. Once loaded within the BChecks tab, you can enable them within a scan configuration to find unique vulnerabilities custom to the application you are testing.

Click here to find out more about BChecks in Burp Suite Professional

A screenshot displaying BChecks being created in Burp Suite Professional.

Powered by the community

Do you have an awesome BCheck that you want to share with the rest of the Burp Suite community? We have a GitHub repository with various options crafted by our community that you can submit to. These BChecks are free to use and compatible with both Professional and Enterprise Edition to empower you to find vulnerabilities and keep your web application estate secure.

Come and take a look: GitHub repository

Competition time!

Thirsty for more?