Burp Scanner is a tool for automatically finding security vulnerabilities in web applications. It is designed to support penetration testers and fits closely into Burp's user-driven testing workflow.
Use the links below for help about Burp Scanner:
Get help from other users, at the Burp Suite User Forum:
This release adds support for WebSockets to the Proxy tool. You can now view, intercept and modify WebSockets messages in the same way as regular HTTP messages.
The Scanner's support for nested insertion points has been updated to support nested data in URL-encoded query string format and precise highlighting of relevant syntax in reported Scanner issues.