Burp Suite User Forum

How do I stop certain file types going to the active scanner?

Chris | Last updated: Jan 25, 2016 11:07PM UTC

This seems like it should be easy, but it's not working as I expected. I want to block all files of a certain type from going to the active scanner, even if they're otherwise in scope. For example, if I want to stop all CSS files from being scanned, then I thought I could create a rule to skip *.css, but I can't seem to make it happen. Any ideas?

Liam, PortSwigger Agent | Last updated: Jan 26, 2016 09:12AM UTC

Hi Chris,

Thanks for your message. When you start an active scan from the Target > Site Map tab, by right-clicking on the host you wish to scan, you will be presented with the Active Scanning Wizard. Check the box titled "Remove items with the following extensions" and ensure that "css" is listed in the box below.

Please let us know if you need any further assistance.

Liam, PortSwigger Agent | Last updated: Feb 19, 2016 09:13AM UTC

SB, did you have any luck using the "skip all tests for these parameters" function? We can look at making a tutorial page if this would help?

Burp User | Last updated: Aug 10, 2018 09:50AM UTC

Hi Chris,

Did you find an answer to your question? I am using the "skip all tests for these parameters" section, in vain. Either it is being ignored or I am entering incorrect rules (help does not show any example on how to correctly fill these fields).

Best, sb

Burp User | Last updated: May 30, 2019 09:53AM UTC

This tutorial would be a great help. Even I am facing a similar issue, where I have created a Skip Rule but it doesn't work for a Passive Scan. Check the image link below: http://prntscr.com/nvc101

Liam, PortSwigger Agent | Last updated: May 31, 2019 10:05AM UTC

Amit, a passive scan does not send any payloads. So it shouldn't be affected by these settings.
