Scanner and Extensions
Automate testing.
Automating with Scanner
Burp's Scanner automatically tests an application for common vulnerabilities, freeing you to focus on the harder, manual logic flaws.
It is available in Burp Suite Professional and Enterprise editions, not Community.
Crawl and Audit
A Burp scan has two phases: crawl discovers the application's pages and inputs, and audit tests each discovered input for vulnerabilities.
You can run crawl only, audit only, or both.
Scan phases:
1. Crawl -> map URLs, forms, params
2. Audit -> test inputs for issuesAll lessons in this course
- Proxy and Interception
- Repeater and Intruder
- Scanner and Extensions
- Practical Workflows