Scanning web sites

Burp Scanner automates the task of scanning web sites for content and vulnerabilities. Depending on configuration, the Scanner can crawl the application to discover its content and functionality, and audit the application to discover vulnerabilities.

• Read more about how Burp Scanner works

Launching scans

Scans can be launched in a variety of ways:

• Scan from specific URLs. This performs a scan by crawling the content within one or more provided URLs, and optionally auditing the crawled content. To do this, go to the Burp Dashboard, and click the "New scan" button. This will open the scan launcher which lets you configure details of the scan.
• Scan selected items. This lets you perform an audit-only scan (no crawling) of specific HTTP requests. To do this, select one or more requests anywhere within Burp, and select "Scan" from the context menu. This will open the scan launcher which lets you configure details of the scan.
• Live scanning. You can use live scans to automatically scan requests that are processed by other Burp tools, such as the Proxy or Repeater tools. You can configure precisely which requests are processed, and whether they should be scanned to identify content or audit for vulnerabilities. To do this, go to the Burp Dashboard, and click the "New live task" button. This will open the live scan launcher which lets you configure details of the task.

Configuring scans

You can launch multiple scans in parallel, and each scan has its own configuration options that determine exactly how the scan is carried out. There are two key areas of configuration:

• Crawl options. These options control behavior like maximum link depth, how the crawler optimizes for speed versus coverage, and limits on the extent of the crawl. Read more
• Audit options. These options control behavior like the handling of insertion points and what detection methods are employed. These options are very important in controlling what type of audit activity will be performed, from a lightweight purely passive analysis through to a heavyweight invasive scan. Read more

Monitoring scan activity

You can monitor the progress and results of a scan in various ways:

• The Burp Dashboard shows metrics about the progress of each task, and the issue activity log shows the issues that are reported by all scanning tasks.
• You can open the task details window for an individual scan, to view the issue activity log for only that scan, and a detailed view of the audit items for applicable tasks.
• The Target site map shows all of the content and issues that have been identified, organized by domain and URL.

Reporting

You can generate reports of issues found via Burp Scanner in HTML format. You can also export issues in XML format suitable for importing into other tools.