Issue Activity
The issue activity tab contains a sequential record of the Scanner's
activity in finding new issues and updating existing issues. This is
useful for various purposes:
- Monitoring the results of a scan in progress.
- Manually reviewing new issues as they are reported.
- Viewing details of deferred interactions with the
Burp Collaborator server.
Each item in the issue activity table contains the following details:
- An index number for the item, reflecting the order in which items
were added.
- The time that the activity occurred.
- The action that was performed (e.g. "Issue found" or "Evidence
added").
- The issue type.
- The host and URL path for the issue.
- The insertion point for the issue, where applicable.
- The severity and confidence of the issue.
You can select an item in the table to view the full details of the
associated issue.
Note: When an item is selected, the issue is
displayed with all of its current details. These may differ from the
original details at the time that the activity was recorded - for
example, if the user has modified the issue's severity or confidence, or
if additional evidence for the issue was subsequently captured.
You can use the context menu on the issue activity table to perform various actions
on the selected item(s):
- Add comment - You can use this function to add a
comment to the selected item(s). See
Annotations for more details.
- Highlight - You can use this function to apply a
highlight to the selected item(s). See
Annotations for more details.
- Set severity - This lets you reassign the severity
level of the issue. You can set the severity to high, medium, low, or
informational. You can also flag the issue as a false positive.
- Set confidence - This lets you reassign the
confidence level of the issue. You can set the confidence to certain,
firm or tentative.
- Report selected issues - This starts Burp Scanner's
reporting wizard, to generate a
formal report of the selected issues.
Annotations
You can annotate issue activity items by adding comments and
highlights. This can be useful to flag up interesting items for further
investigation.
You can add highlights in two ways:
- You can highlight individual items using the drop-down menu on the
left-most table column.
- You can highlight one or more selected items using the "Highlight"
item on the context menu.
You can add comments in two ways:
- You can double-click the relevant entry, within the Comment column,
to add or edit a comment in-place.
- You can comment one or more selected items using the "Add comment"
item on the context menu.
Wednesday, November 2, 2016
1.7.10
This release adds some new APIs that extensions can use to easily implement powerful scan checks and other logic that involves response diffing.
On Friday, to coincide with our Backslash Powered Scanning talk at Black Hat EU, we will be releasing an extension to the BApp Store that demonstrates how the new APIs can be used to create powerful new scanning capabilities.
See all release notes ›