Configuring a test for comparing the results from active scans from Burp Pro v1.7 vs Burp Pro v2.1
I am interested in configuring a test for comparing the results from active scans from Burp Pro v1.7 vs Burp Pro v2.1.
Should I chain the burp proxies so they both capture the browsing traffic while manually walking the test site?
Do I need to use SeleniumIDE or another record and play-back tool to make identical browsing patterns to test them separately?
Is there a better way than those methods mentioned above?
Zrjzjam, yes you could chain the two instances of Burp.
Alternatively, you could record the site map in Burp 1, save the project file, and open it in Burp 2. It’s worth mentioning that Burp 1 will Live passively scan as you crawl unless you switch this setting off via Scanner > Live scanning.
Do be aware that scan results can be affected by network speeds and application response times.
Please let us know if you need any further assistance.