Burp Suite Pro v1.2.13 released

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting and extensibility.

Key features include:

  • User-directed scanning, with the ability to scan individual requests and selected regions of the target application.
  • "Live scanning" in the background as you browse.
  • Active and passive scanning modes.
  • Advanced feedback-driven scan logic that reproduces the actions of a skilled, methodical human tester.
  • Very strong coverage of core vulnerability areas whose detection can be automated, matching or surpassing other commercial-grade scanners.
  • Fully customised vulnerability advisories, with all request and response details.
  • Fine-grained configuration of scanning actions.
  • Immediate feedback about scan results for each base request scanned, and direct control over the scan queue.
  • Close integration with other Burp tools, and Suite-wide target scope configuration.
  • Configurable reporting, in a format suitable for direct incorporation into client deliverables.
  • Ability to save and restore state.

Changelog for this release

  • You can now pause and resume active scanning, using the context menu on the scan queue tab. A new status bar shows you whether the scanner is running, and the number of currently active scan threads.
  • There is a new task scheduler, which you can use to automatically start and stop certain tasks at defined times and intervals. You can schedule a task on a specific URL using the new context menu item that appears throughout Burp.
  • The extensibility method IBurpExtenderCallbacks.getParameters now returns the type of each parameter, as well as its name and value. The method’s signature is unchanged; however, the implementation now returns the following object for each parameter
  • Passwords are now masked on-screen in the UI for configuring www and proxy authentication.

Post scriptum

Compliance Mandates

  • Application Scanner:

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Network Discovery:

    PCI DSS 11.2, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5
