BChecks is a new feature in Burp Suite Enterprise Edition (originally introduced to Burp Suite Professional a few months back) that enables you to extend the types of vulnerabilities searched for within a scan. Using BChecks as part of your automated scanning enables you to look for vulnerabilities tailored to your web application portfolio and react quickly to zero-day vulnerabilities.
Now, from Burp Suite Enterprise Edition version 2023.12, you can upload BChecks into the BChecks tab of the Extensions section and enable them on a site/folder level to be applied to any scans that target that site. Any vulnerabilities identified from those BChecks will be displayed in the Issues tab alongside any other issues enabled by your scan configuration.
Since 2023.6.2, BChecks can be created, tested, and applied within Burp Suite Professional. By applying BChecks, you can easily extend the scope of the vulnerabilities that Burp Scanner looks for without the hassle of writing and building an extension. Once they are loaded within the BChecks tab, you can enable them within a scan configuration to find vulnerabilities specific to the application you are testing.
Do you have an awesome BCheck that you want to share with the rest of the Burp Suite community? We have a GitHub repository of BChecks crafted by our community, and you can submit your own to it. These BChecks are free to use and compatible with both Professional and Enterprise Edition to empower you to find vulnerabilities and keep your web application estate secure.
Come and take a look: GitHub repository