Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

How to make Active Scanner avoid to scan files like jpg/css/gif and so on.

John | Last updated: Dec 12, 2017 10:25AM UTC

How would I do that? I saw few similar questions raised but the support team always finds a way not answer it practically. Can someone help answer this question?

Liam, PortSwigger Agent | Last updated: Dec 12, 2017 10:25AM UTC

When you launch a scan you can you the Active scanning wizard to remove certain categories of items. Use the "Remove items with the following extensions" option to avoid scanning various file types. Please let us know if you need any further assistance.

Burp User | Last updated: Dec 13, 2017 01:59AM UTC

Using Active Scanning Wizard is not answer for us :( We are looking for solution when the scanner is doing active scanning when while browsing. You talking about when user wants to chose what to scan which is not understood for all. You are not answering how to avoid to automatic scanning of those file when scanner is working while browsing with proxy.

PortSwigger Agent | Last updated: Dec 13, 2017 08:50AM UTC

Hi John, Ok, you can control this using a custom scope. In Scanner > Live scanning > Live Active Scanning – select "Use custom scope" and enable advanced scope control. Add you target to "Include in scope" then add a rule to "Exclude from scope" that covers the extensions you don't want to scan. Please let us know if you need any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.