Professional

Automated scanning

Last updated: June 18, 2024
Read time: 1 Minute

Burp Scanner is an automated dynamic application security testing (DAST) web vulnerability scanner that powers scans of both web applications and APIs in Burp Suite Professional.

Designed to replicate the actions and methodologies of a skilled manual tester, Burp Scanner can handle virtually any target. It's highly configurable, enabling you to tailor scans based on the specific needs of the application or API being tested. Burp Scanner integrates with other Burp tools, enabling you to streamline your penetration testing workflow.

In this section

This section explains how to run and configure scans in Burp Suite Professional. For information on how Burp Scanner itself works, see the Burp Scanner section.

Scanning web applications
Scanning APIs
Live tasks
Viewing scan results
Reporting scan results
Creating custom scan checks using BChecks
Configuring application logins
Managing resource pools
Using custom scan configurations
Setting the scan scope