Burp Suite Enterprise has a variety of preset scan configurations to help you customize your testing. Additionally, you can load scan and project configuration files from Burp Suite Professional. This tutorial demonstrates the process using two examples; setting audit checks to specific issue types and loading platform authentication settings.
The first step is to create a configuration file in Burp Suite Professional.
In the first example we are creating a scan configuration file. The file will ensure we only test for SQLi issues.
In the New scanning configuration, select the appropriate settings, chose a configuration name, check the Save to library checkbox and click Save.
To export the file go to Burp > Configuration library and use the Export function.
Save the file to an appropriate location.
In Burp Suite Enterprise, go to Scans > New scan > Scan configurations.
You can use the Scan configurations settings to load the .json scan configuration file.
Once loaded, the file will appear in the console.
The file will save below the preset scan files in the dropdown menu for future use.
You can also use Burp Suite Professional project configuration files to customise your testing.
In this example we are configuring Platform Authentication settings.
Go to Project options > Connections > Platform Authentication > Override user options.
Add the appropriate details then use the config icon > Save options.
Load the .json project configuration file via the Scan configurations settings.
Click the Save function to confirm and begin scanning.
Additionally, you can load configuration files as preset defaults for Sites.
In Burp Enterprise, go to Sites > Site details > Default scan configurations.