login

Burp Suite, the leading toolkit for web application security testing

Burp Scanner Help

Burp Scanner is a tool for automatically finding security vulnerabilities in web applications. It is designed to support penetration testers and fits closely into Burp's user-driven testing workflow.

User Forum

Get help from other users, at the Burp Suite User Forum:

Visit the forum ›

Monday, November 3, 2014

v1.6.07

This release contains various enhancements to the Scanner engine logic, to improve both the reliability of issue reporting, and the quality of proof-of-concept exploits. Improvements have been made to the following checks:

  • OS command injection
  • SQL injection
  • HTTP response header injection
  • File path traversal
  • Server-side JavaScript / NoSQL injection
  • Reflected cross-site scripting
  • Various DOM-based issues
  • Open redirection

See all release notes ›

Copyright © 2014 PortSwigger Ltd. All rights reserved.