But Burp Scanner can. Thanks to its embedded Chromium browser, the web vulnerability scanner at the heart of Burp Suite is able to execute JavaScript in its target application. This allows it to access a huge amount of content that it simply wouldn't be able to see otherwise.
Many web vulnerability scanners are not capable of executing JavaScript. They risk completely ignoring a huge proportion of the attack surface in any of the hundreds of millions of web applications using JavaScript today.
Because it can execute JavaScript, Burp Scanner can construct a fully rendered document-object model (DOM) even where that DOM relies on JavaScript to populate it. This is crucial for modern web applications, where many HTML pages are nothing more than containers intended to load JavaScript, which then generates their content dynamically.
Burp Scanner deals with JavaScript using a modified version of Google's Chromium browser. This means that Burp Scanner can render any content a human user would be able to see. And because the browser is embedded seamlessly within Burp Scanner, users can initiate JavaScript scanning at the click of a button - with no special configuration required.
From here, Burp Scanner's advanced crawl engine can go to work uncovering areas of interest, before the scanner begins its vulnerability audit. This process leverages PortSwigger's excellence in research; Burp Scanner is designed to simulate the actions an expert manual penetration tester might take for a given situation.
Burp Scanner can parse and analyze client-side JavaScript it encounters during a scan. This process checks for dangerous assignments within the JavaScript code, and is particularly useful when scanning for cross-site scripting (XSS) vulnerabilities.
Using its embedded Chromium browser, Burp Scanner is able to carry out dynamic analysis of JavaScript functionality. Here, instrumented JavaScript code is executed within the browser, and resultant application behavior is analyzed to check for vulnerabilities.
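The "dangerous assignment" check described above is, at its core, a source-to-sink analysis: does attacker-controllable input (the URL fragment, query string, referrer, `window.name`) reach a DOM sink that interprets it as markup or code? The following is an added illustration in JavaScript and is not Burp Scanner's own code (PortSwigger does not publish its analysis engine). It implements a deliberately small, line-based version of that static check: it propagates taint through simple variable assignments and flags writes to `innerHTML`/`outerHTML` and calls to `eval`/`document.write`/`insertAdjacentHTML` whose argument is tainted. The source and sink lists and the sample snippet are constructed for the example; a production engine would parse to an AST and track data flow across functions and sanitizers, which this does not.

```javascript
// Added example: a minimal static checker for "dangerous assignments"
// (DOM XSS sources flowing into DOM sinks) in client-side JavaScript.
// Not Burp Scanner's implementation; the lists below are constructed here.

// Attacker-influenced inputs (sources). Constructed, non-exhaustive list.
const SOURCE_PATTERNS = [
  /\blocation\.(?:hash|search|href|pathname)\b/,
  /\bdocument\.(?:URL|documentURI|referrer|baseURI)\b/,
  /\bwindow\.name\b/,
];

// Sinks reached by assignment (".innerHTML = expr") and by call ("eval(expr)").
const ASSIGNMENT_SINK = /\.(innerHTML|outerHTML)\s*=(?!=)\s*(.+)$/;
const CALL_SINK = /\b(document\.write(?:ln)?|eval|insertAdjacentHTML)\s*\((.*)\)/;
// Plain variable (re)assignment, used for taint propagation.
const DECLARATION = /^(?:(?:var|let|const)\s+)?([A-Za-z_$][\w$]*)\s*=(?!=)\s*(.+)$/;

// Return the source or tainted identifier that makes `expr` dangerous, or null.
function taintReason(expr, tainted) {
  for (const p of SOURCE_PATTERNS) {
    const m = expr.match(p);
    if (m) return m[0];
  }
  for (const v of tainted) {
    // `$` is the only identifier character that is special in a regex.
    const id = v.replace(/\$/g, '\\$');
    if (new RegExp('\\b' + id + '\\b').test(expr)) return v;
  }
  return null;
}

// Scan JavaScript source line by line; returns one finding per tainted sink.
// Limitations (deliberate, for brevity): one statement per line, no AST,
// "//" inside string literals is treated as a comment, no sanitizer model.
function findDangerousAssignments(src) {
  const tainted = new Set();
  const findings = [];
  src.split('\n').forEach((raw, idx) => {
    const line = raw.replace(/\/\/.*$/, '').trim().replace(/;$/, '');
    if (!line) return;
    const lineNo = idx + 1;

    let m = line.match(CALL_SINK);
    if (m) {
      const by = taintReason(m[2], tainted);
      if (by) findings.push({ line: lineNo, sink: m[1] + '()', taintedBy: by, code: line });
      return;
    }
    m = line.match(ASSIGNMENT_SINK);
    if (m) {
      const by = taintReason(m[2], tainted);
      if (by) findings.push({ line: lineNo, sink: m[1], taintedBy: by, code: line });
      return;
    }
    m = line.match(DECLARATION);
    if (m) {
      // A variable becomes tainted when assigned from a source or another
      // tainted variable, and clean again when overwritten with clean data.
      if (taintReason(m[2], tainted)) tainted.add(m[1]);
      else tainted.delete(m[1]);
    }
  });
  return findings;
}

// Constructed sample of client-side code to analyze (not from any real site).
const SAMPLE = `
// sample 1: URL query parameter flows into innerHTML (dangerous)
var q = location.search.substring(1);
var name = decodeURIComponent(q);
document.getElementById('greeting').innerHTML = 'Hello ' + name;
// sample 2: same data written as text, not markup (safe)
document.getElementById('other').textContent = name;
// sample 3: URL fragment flows into eval (dangerous)
eval(location.hash.slice(1));
// sample 4: constant markup (safe)
document.getElementById('footer').innerHTML = '<b>static</b>';
`;

console.log(JSON.stringify(findDangerousAssignments(SAMPLE), null, 2));
```

Running the block reports two findings: the `innerHTML` write on line 5 (tainted via `name`, which inherits taint from `q` and ultimately `location.search`) and the `eval()` call on line 9 (tainted directly by `location.hash`). The `textContent` write and the constant markup are correctly left alone, which is the distinction an XSS check has to make to keep false positives down; the dynamic analysis the page describes next is the natural complement, confirming at runtime which of the flagged flows are actually reachable.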
As with all Burp Suite features, Burp Scanner is constantly evolving - enabling increased productivity and reliability for its users. Given the rising popularity of architectures such as single-page applications (SPAs), which rely on JavaScript, Burp Suite subscribers can expect to see continual and significant development in this area.
And the benefits of Burp Scanner's embedded Chromium browser aren't limited to scanning JavaScript. The browser has already enabled popular new features like authenticated scanning (recorded logins) - enabling Burp Scanner to go where many others can't. We have many exciting plans for new Burp Suite features and enhancements based on its embedded Chromium browser.
Designed by leading web security researchers, Burp Scanner aims to mirror the actions of a skilled manual tester. Benefit from PortSwigger's ongoing commitment to excellence.
Burp Scanner sits at the heart of both Burp Suite Enterprise Edition and Burp Suite Professional. It's the weapon of choice for over 70,000 users across more than 16,000 organizations - from pentesters to DevSecOps teams.
By using its advanced crawling algorithm to build up a profile of its target in a similar way to an expert tester, Burp Scanner can reveal more attack surface to exploit - without user intervention.
Burp Scanner can handle JavaScript-heavy web apps, employ user-defined login sequences, and parse many API definitions. It reveals more of the attack surface you need to see.
Automating parts of your workflow when security testing JavaScript-heavy targets can increase resources available for manual testing. This increases productivity for both organizations and individual testers.
Benefit from the best security research team in the world. Burp Suite subscribers get unrivaled protection against new bugs, and access to the latest methods - like browser-driven JavaScript scanning.
Scan for a huge list of vulnerabilities, and save custom scan configurations. Have the option to focus on specific vulnerabilities particularly common in applications using JavaScript - like XSS, or CSRF.
Find more vulnerabilities - and fewer false positives. Bring a whole new facet to your security testing with reliable automated OAST (out-of-band application security testing).
I have already chosen Burp against our recommended scanning tool, considering the flexibility in config, customer support, effectiveness in catching bugs, etc.
Balaji Govindan
Software Engineer