Burp Suite, the leading toolkit for web application security testing

Burp Web Vulnerability Scanner

Burp Suite's vulnerability scanner helps you to find, track and fix vulnerabilities in your web applications:

Burp Scanner is a state-of-the-art vulnerability scanner for web applications. It is designed with security testers in mind, to integrate closely with your existing techniques and methodologies for manual and automated testing.

Why use Burp web scanner to improve your web application security?

Consistently finds website vulnerabilities

  • Burp web vulnerability scanner is designed by industry leading penetration testers.
  • Burp Scanner’s advanced feedback-driven scan logic is designed to reproduce the actions of a skilled human tester.
  • The scanner combines great performance against all vulnerabilities in the OWASP top 10, such as SQL injection and cross-site scripting (XSS), with one of lowest false positive rates in the industry.
  • Advanced crawling capabilities (including coverage of the latest web technologies such as REST, JSON, AJAX and SOAP) combined with the greatest level of attack customization on the market, allows Burp vulnerability scanner to achieve greater scan coverage and more complete vulnerability detection than other fully automated web scanners.
  • Burp Scanner is continually updated. Our team of security researchers work directly with the scanner development team to ensure Burp Scanner can find the latest vulnerabilities.

Reliable reporting and vulnerability remediation advice

  • Burp scan reports clearly pick out the key security vulnerabilities.
  • Overall results from the vulnerability scanner are shown in a simple dashboard view.
  • Vulnerabilities are ranked on severity and confidence to help decision makers focus quickly on critical issues.
  • Burp scan reports include detailed, issue-by-issue, remediation advice.
  • Reporting highlights relevant request and response details to allow developers to better understand vulnerabilities.

Simple, cost-effective licensing

Burp vulnerability scanner is available with a Burp Suite Professional Licence at $299 per user per year, making it the most competitively priced web vulnerability scanner on the market.

Independent studies have shown that Burp Scanner is amongst the most powerful and effective web scanners on the market, offering outstanding value for money.

There are no hidden costs:

  • Updates are free for all Burp Suite Professional users.
  • Support is provided to all users through our Support Center. Users can access articles tailored to common questions, contact us directly for support or ask our committed community of Burp users for advice.

Who uses Burp Scanner?

  • Over 15,000 individuals, in 6,000 companies, across 100 countries
  • All kinds of organizations: multi-nationals, start-ups, one-man consultancies and charities
  • 10 of the top 10 software companies
  • 9 of the top 10 US commercial banks
  • 8 out of the top 10 largest internet companies

Screenshots - click to enlarge

Copyright © 2015 PortSwigger Ltd. All rights reserved.