Scanner

Burp Scanner can automatically perform vulnerability assessments of web applications.

We can conduct an active scan, which involves sending more data to the server, or a passive scan, which looks for vulnerabilities in the traffic passing through the Proxy tool. Either a custom scope can be set for the scan, or active scanning can be run against the existing suite scope.
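To make the passive/active distinction concrete, here is an added Python sketch (not from the book and not Burp's own code) that applies passive-style checks to already-captured responses without sending any request. The sample traffic, the scope host and the two checks are constructed assumptions.

```python
from email.parser import Parser
from urllib.parse import urlsplit

# Constructed sample traffic: (URL, raw response head) as a proxy would observe it.
CAPTURED = [
    ("https://shop.example.test/login",
     "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
     "Set-Cookie: session=abc123; Path=/\r\n\r\n"),
    ("https://shop.example.test/account",
     "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
     "Strict-Transport-Security: max-age=31536000\r\n"
     "Set-Cookie: session=abc123; Path=/; Secure; HttpOnly\r\n\r\n"),
    ("https://cdn.example.net/lib.js",
     "HTTP/1.1 200 OK\r\nContent-Type: application/javascript\r\n\r\n"),
]

SCOPE_HOSTS = {"shop.example.test"}  # hypothetical scope definition


def in_scope(url):
    """Only hosts listed in the scope are examined."""
    return urlsplit(url).hostname in SCOPE_HOSTS


def passive_check(url, raw_head):
    """Inspect one observed response; nothing is sent to the server."""
    _status, _, header_block = raw_head.partition("\r\n")
    headers = Parser().parsestr(header_block, headersonly=True)
    issues = []
    if urlsplit(url).scheme == "https" and "Strict-Transport-Security" not in headers:
        issues.append("HSTS header missing")
    for cookie in headers.get_all("Set-Cookie", []):
        name = cookie.split("=", 1)[0].strip()
        attrs = {a.strip().split("=")[0].lower() for a in cookie.split(";")[1:]}
        for flag in ("secure", "httponly"):
            if flag not in attrs:
                issues.append(f"cookie '{name}' lacks {flag}")
    return issues


def passive_scan(captured):
    """Map each in-scope URL to the issues seen in its response."""
    return {url: passive_check(url, head) for url, head in captured if in_scope(url)}


if __name__ == "__main__":
    for url, issues in passive_scan(CAPTURED).items():
        print(url, issues or "no issues")
```

An active scan differs in that it would generate additional requests to the in-scope hosts rather than only reading what has already passed through.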

The Burp Scanner tool can also be configured to provide a point-and-click scan, but the tool itself does not recommend this. Most web application scanners suffer from similar issues, such as the following:

  • The coverage of the application is one major issue. In most cases, automated scanners are unable to understand JavaScript or Flash content. In scanner terms, ...
