This option reduces noise when the same issue (for example, Clickjacking) appears in many locations or even throughout an entire application. Use this setting to control whether Burp consolidates frequently-occurring passive issues. Use this option to speed up your scans, with a relatively low risk that you will miss vulnerabilities.Ĭonsolidate frequently occurring passive issues This setting makes scans more efficient by omitting checks that appear irrelevant given the base value of the parameter at each insertion point.įor example, if a parameter's value contains characters that do not normally appear in filenames, Burp skips file path traversal checks for this parameter. Skip checks unlikely to be effective due to insertion point's base value If a scan reaches the specified maximum crawl and audit time then it pauses and an entry is added to the event log. It is not available for audit-only scans, or scans that are currently in progress. This setting defines the maximum total run time for each scan, in minutes. Normal is mid-way between the two, and represents a suitable trade-off between false positive and false negative issues for many applications.However this setting may result in Burp Scanner missing some genuine issues, because some of the retry requests might not return the result being tested for.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |