Replacing the inbuilt scanner? about burpbounty HOT 4 CLOSED

Hi @MadaraTech,

After creating the profile under BurpBounty for the active scan, if we are invoking active scan as you showed in Youtube videos, all other burp active scan checks going to run or not?

You can configure the test that you want to perform in Scanner->Options->Scan Issues.

By default all test are selected, so after the active scanner tests, the extension test are included, including those of Burp Bounty.

If yes, how this will be effective as burp active scanner going to scan for everything again!

It does not scan everything again, first the burp scanner tests are performed, then the extension tests are carried out.

do we need any specific configuration under burp scanner tab for using burp bounty?

Only on the Scanner->Options->Scan Issues tab, the "Extension generated issue" It has be checked . By default it is checked.

You can use two modes for select burp scanner checks, one is "Scanner->Options->Scan Issues-> Select by scan type", another type is "Scanner->Options->Scan Issues-> Select individuals issues", the configuration here will be that specifies the tests performed by the burp scanner.

I hope I've helped.

Thank you,
Regards!

from burpbounty.

Hi @wagiro,

Thanks for the all the detailed information, what if we unchecked all the issue under active scan option to avoid all the traffic from the active scanner, is burp bounty will still work normally based on the profile set in the configuration?

from burpbounty.

Hi @MadaraTech

If you deactivate all the burp scanner's checks, but leave the extensions active, Burp Bounty will work according to the profiles activated by yourself in the Burp Bounty Profile Manager.

Regards!

from burpbounty.

Thanks for the information, looking forward to using this extension :)

Again thanks for your work!

from burpbounty.