1. Introduction to Burp Suite Conﬁguration Library
2. Understanding Burp Suite Scan Proﬁles
3. Creating Burp Suite Custom Scan Proﬁles
4. Efficiently detecting vulnerabilities with Custom Scan
5. Using Burp Extensions and Open Source tools to detect
Introduction to Burp Suite Conﬁguration Library
Burp Suite comes with a range of built-in setting proﬁles which can
help users to quickly fuzz an application's endpoints.
Crawl options : control Scanner’s behavior during the crawl phase of the scan.
Audit options : control Scanner's behavior during the audit phase of the scan.
Understanding Burp Suite Scan Proﬁles
Creating Burp Suite Custom Scan Proﬁles
Based on the vulnerability category, we can create as many custom proﬁles as we require
● Path Traversal
● XML Entity Injection
● Server Side Request Forgery
● Web Cache Poison
● HTTP Request Smuggling
● Cross Origin Resource Sharing
These custom proﬁles are incredibly useful when you need to search for vulnerabilities
on speciﬁc parameters and endpoints, allowing you to efficiently and effectively detect
any potential vulnerabilities.