Burp contains a wealth of configuration options, which it is often necessary to use at different stages of your testing, to ensure that Burp works with your target application in the way you require. This article describes some of the options you are likely to need,
The target scope configuration tells Burp the items that you are currently interested in and willing to attack. You should configure this early in your testing, as it can control which items are displayed in the Proxy history and Target site map, which messages are intercepted in the Proxy, and which items may be spidered and scanned.
If the application server employs any platform level (HTTP) authentication, you configure Burp to handle the authentication automatically.
Many applications contain features that can hinder automated or manual testing, such as reactive session termination, use of per-request tokens, and stateful multi-stage processes. You can configure Burp to handle most of these situations seamlessly, using a combination of session handling rules and macros.
You can configure Burp to schedule tasks at given times or intervals, to allow you to work within specified testing windows.