![]() When new scans are initiated via the extender API, they use a very limited default configuration. ![]() When PortSwigger released Burp 2.0, the Burp Extender API was not updated to support some of the new features including the ability to specify a configuration for a new scan. In Burp 2.0 you can have concurrently running scans, each having its own configuration. In Burp 1.0, all active scans used the same configuration. It is a great extension that has worked well, until the release of Burp 2.0.īurp 2.0 is a significant upgrade from 1.0 and includes many useful new features, such as the ability to create multiple scanning configurations. Available in the BApp Store, Carbonator provides a means to interact with Burp via the command line, scanning a target and exporting the results as HTML. For years, my tool of choice for this has been the Burp extension Carbonator. Alternatives such as Burp Suite Enterprise exist, but those of us with Burp Suite Professional may want to leverage it to perform this type of work. However, it can be difficult to use Burp for headless, unattended scanning. It is feature-rich, intuitive, well-supported, and customizable. ![]()
0 Comments
Leave a Reply. |