login

Burp Suite, the leading toolkit for web application security testing

PortSwigger Web Security Blog

Sunday, November 29, 2009

[V13P] Other bits and pieces

I've described most of the major additions to Burp's functionality that are arriving in v1.3. There are a few other smaller tweaks that are worth drawing attention to:

  • The tables in the site map and search results now include a timestamp column. Sorting the results on this column lets you easily see when new items are added. This is handy when you are running spidering or content discovery exercises, or when performing dynamic searches, all of which add new entries to these tables periodically.

  • The background autosave feature now optionally performs a final autosave on exit, so that you will always have a current snapshot of your work provided Burp closes down gracefully.

  • Repeater now shows a response timer in milliseconds, which can help you verify time-delay-based tests for code injection bugs.

  • Scope rules can be individually toggled on and off, so you can easily switch between different targets which you have configured.

  • Scanner and Spider now support request throttling with optional random variations, to help you avoid overwhelming flimsy applications, and avoid alerting pattern-based intrusion detection systems.

Apologies to the many people whose requests haven't been met on this occasion - there will be further development efforts fairly early in 2010.

No comments:

Blog Archive


Support Center

Get help and join the community discussions at the Burp Suite Support Center.

Visit the Support Center ›

Copyright 2016 PortSwigger Ltd. All rights reserved.