Active Scan Queue
Active scanning typically
involves sending large numbers of requests to the server for each base
request that is scanned, and this can be a time consuming process. When you send requests for active scanning, these
are added to the active scan queue, in which they are processed in turn.
The scan queue displays the following details about each item:
- An index number for the item, reflecting the order in which items
were added.
- The destination protocol, host and URL.
- The current status of the item, including percentage complete.
- The number of scan issues
identified for the item (this is colorized according to the significance
and confidence attached to the most serious issue).
- The number of requests made while scanning the item. Note that this is
not a linear function of the number of insertion points - observed
application behavior feeds back into subsequent attack requests, just as
it would for a human tester.
- The number of network errors encountered.
- The number of
insertion points created for the item.
- The start and end times of the item's scanning.
This information lets you easily monitor the progress of individual scan
items. If you find that some scans are progressing too slowly, you can
understand the reasons why, such as large numbers of insertion points,
slowness in application responses, network errors, etc. Given this
information, you can then take action to optimize your scans, by changing
the configuration for
insertion points, the scanning
engine, or the active
scanning areas being tested.
You can double-click any item in the scan queue to display the issues
identified so far, and view the base request and response for the item.
You can use the context menu on the scan queue to perform various actions
to control the scanning process. The exact options that are available depend
upon the status of the selected item(s), and include:
- Show details - This opens a window showing the
issues identified so far, and the base request and response for the
item.
- Scan next - This repositions the selected item(s)
in the queue so that they are scanned next.
- Cancel - This cancels the selected item(s) so they
will not be scanned. If scanning has already begun, there will typically
be a short delay while the pending scan requests are completed, and the
item is fully cancelled.
- Scan again - This duplicates the selected item(s)
and adds these to the end of the queue.
- Hide finished items - This hides from view
any items that are finished, cancelled or abandoned. You can toggle this
option to restore items that are hidden.
- Pause / resume scanner - This pauses and resumes
the active scanner. If any scanning is currently underway when the
scanner is paused, there will typically be a short delay while the
pending scan requests are completed.
- Add comment - You can use this function to add a
comment to the selected item(s). See
Annotations for more details.
- Highlight - You can use this function to apply a
highlight to the selected item(s). See
Annotations for more details.
- Send to ... - These options are used to send the
base request for the selected item to other Burp tools.
Annotations
You can annotate scan queue items by adding comments and
highlights. This can be useful to flag up interesting items for further
investigation or to help manage manual operations on a large queue.
You can add highlights in two ways:
- You can highlight individual items using the drop-down menu on the
left-most table column.
- You can highlight one or more selected items using the "Highlight"
item on the context menu.
You can add comments in two ways:
- You can double-click the relevant entry, within the Comment column,
to add or edit a comment in-place.
- You can comment one or more selected items using the "Add comment"
item on the context menu.
Thursday, September 8, 2016
1.7.06
This release introduces a new scan check for second-order SQL injection vulnerabilities. In situations where Burp observes stored user input being returned in a response, Burp Scanner now performs its usual logic for detecting SQL injection, with payloads supplied at the input submission point, and evidence for a vulnerability detected at the input retrieval point.
See all release notes ›