The updated Burp suite scanner has new add-on features and bug fixes that enhance the scanning process’s overall performance.
Burp Suite is an integrated platform/graphical tool for performing security testing of web applications.
On 27 July 2023, Portswigger released all improved versions of Burpsuite, including the reuse of HTTP/1, customizable SNI values, browser updates, and bug fixes.
Burp Suite 2023.8 New Features
The new facility lets the users reuse and control HTTP/1 connections to speed up attacks found in Intruder > Settings > HTTP/1 connection reuse.
Users can enable Unrecognized project files settings to open files from unknown sources safely.
Also, users can set intermediate certificates when a new PKCS#11 certificate is added for hardware tokens and smart cards.
SNI values can be customized in Repeater, reproducing external service interaction issues detected by Scanner.
To improve scan efficiency, they have included Crawl Tab in the target tool to display the path information populated from all the scans.
In addition to that, the Isolated scan feature is included to test settings without impacting “live” scan results.
Burp Scanner can now run introspection queries on GraphQL endpoints to gain information on available queries and mutations.
A new Automatic throttling setting is added to the Resource pool section of the scan launcher.
The crawl optimization technique is tuned to reduce the chance of interesting content being missed.
Also, they have improved minor bugs found in their old versions below
- Fixed an issue that was causing the Proxy response panel to freeze.
- Improved the reliability of the Send to Organizer function.
- Fixed an issue where requests/responses generated by Intruder
- Fixed a bug that makes the crawler not always wait for slow, asynchronous queries that cause a DOM mutation to return.
They upgraded Burp’s built-in browser to 115.0.5790.110 for Windows and Linux and 115.0.5790.114 for Mac.