Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Application Login Session

Rajesh Nov 06, 2019 05:37AM UTC

During the manual audit/scan, why does the burp logsout the application under audit/scan?

During the audit/scan, some of the requests are resulting in request timed out? Is it expected and what could be the reason?

During the audit/scan, is it necessary to maintain an active session of the application under scan or Burp has the capability to handle this automatically?


Michelle Gillian Nov 06, 2019 02:06PM UTC Support Center agent

Would you be able to tell us a bit more about what’s happening with the logout during a manual audit/scan? Could you clarify that you are referring to Burp logging itself out of the target application during the scan?

Requests can time out for a number of reasons, as a starting point, it could be worth throttling the requests and seeing if this helps the website respond more quickly. Information on how to configure the resource pool can be found here: https://portswigger.net/blog/burp-2-0-how-do-i-throttle-requests.

To respond to your final question fully, we would need to know more about the authentication requirements of the target application as this could require a combination of various Burp tools to maintain a successful session during scanning.


Post Your public answer

Your name
Your email address
Answer