BurpSuite - Fundamentals

BurpSuite - Dashboard and scanning

Medium
1 h 0 min

What is the Burp Suite scanner?

Burp Suite is a handy tool for many things, both security testing and development. Just being able to easily inspect and modify HTTP traffic is quite useful.

Despite all these useful functions, it is undeniable that the number one tool of Burp Suite, its crown jewel and flagship, is its scanner.

The scanner can perform vulnerability scans, where Burp tries to identify various vulnerabilities or weaknesses in the target, and crawling-type scans, where the tool tries to automatically map the paths and interfaces of the website.

Dashboard

Scans are initiated, monitored, and managed from the Burp Dashboard.

The top left pane contains all the current operations you have created. For example, if you create a new scan, it will appear here, where you can manage it. By default, BurpSuite Pro version performs passive mapping and auditing, but you can disable these if you want.

Using a Scanner - Practical Example

Starting the exercise

Now we will start the example lab below and run Burp's audit and mapping scan against it. If you are a member of Hakateemia, you can start the task below and proceed with it.

Network modem - exercise

Find the command injection vulnerability in the lab and use it to read the flag.txt file.

Exercises

Flag

Find the flag from the lab environment and enter it below.

Opening Application with Burp Browser

Open the application with a browser that is configured to work with BurpSuite software, for example, by opening Burp's built-in browser. Make sure that the application is visible in Burp by going to the Target window.

Setting the target to scope

Next, set the target In-Scope, meaning include it in the current scope.

Filter the Target window to display only the items contained in the scope by clicking the Filter button located at the top bar. Select Show only in-scope items as the filter. Then select Apply.

Now we should only see the desired target.

Vulnerability and mapping scanning (Crawl and audit)

Next, perform a basic audit and mapping scan on this target. Right-click on the target and select Scan.

This should open a four-part window, where the first part determines the scanning type, as well as other details, such as targets.

Select Crawl and audit, which means mapping and auditing scan. Then go to the Scan Configuration window.

Scanning Configuration

Next, we can choose between two different options, which are to choose a preconfigured scanning configuration or create our own. There are also more preconfigured configurations available by going to Use a custom configuration -> Select from library.

However, we will choose the Deep-scan on the first page. On the next page, we can specify the authentication-related actions more precisely, meaning providing ready-made credentials or stored login sequences. Nothing needs to be done for this right now.

Let's take a look at the last window, which is related to resources. The default setting for Burp is often very good and does not require adjustment, but occasionally it may be necessary to either increase or decrease resources as well as scanning speed. However, let's leave this as the default for now.

Starting and monitoring the scan

Select OK and the scanning source will start automatically. Go back to the Dashboard page. Now we can see that a new scanning operation is in progress and we can open it by pressing the arrow+window button on the right side of the operation.

It won't take long for BurpSuite to detect the command injection vulnerability in the task.

Stopping the scan

Stop the scan by clicking on the stop sign in the top right corner of the window.

Reviewing scan results

Finally, return to the Dashboard page and investigate the vulnerabilities and deficiencies found during the scanning.

hakatemia pro

Ready to become an ethical hacker?
Start today.

As a member of Hakatemia you get unlimited access to Hakatemia modules, exercises and tools, and you get access to the Hakatemia Discord channel where you can ask for help from both instructors and other Hakatemia members.