From here, Burp Scanner's advanced crawl engine can go to work uncovering areas of interest, before the scanner begins its vulnerability audit. This process leverages PortSwigger's excellence in research; Burp Scanner is designed to simulate the actions an expert manual penetration tester might take for a given situation.
See more customer stories
Designed by leading web security researchers, Burp Scanner aims to mirror the actions of a skilled manual tester. Benefit from PortSwigger's ongoing commitment to excellence.
Burp Scanner sits at the heart of both Burp Suite Enterprise Edition and Burp Suite Professional. It's the weapon of choice for over 70,000 users across more than 16,000 organizations - from pentesters to DevSecOps teams.
By using its advanced crawling algorithm to build up a profile of its target in a similar way to an expert tester, Burp Scanner can reveal more attack surface to exploit - without user intervention.
Find more vulnerabilities - and fewer false positives. Bring a whole new facet to your security testing with reliable automated OAST (out-of-band application security testing).
I have already chosen Burp against our recommended scanning tool. Considering the flexibility in config, customer support, effectiveness in catching bugs etc.
Automate Burp Scanner. Integrate with CI/CD and enable DevSecOps. Indefinite scalability.
Learn more about the research-driven scanner that sits at the heart of Burp Suite.
Integrate Burp Scanner with manual pentesting workflows, apply custom scan checks, and much more.