Live tasks

Live tasks are scans that run in the background while you manually explore the target website using Burp's browser or when you send requests from Burp Repeater and Intruder. They enable you to perform some scanning operations, such as auditing for vulnerabilities or adding resources to Burp's Target site map, automatically.

Types of live task

When you set up a live task, you specify a scanning operation and a scope for items to be scanned. When the task encounters an item that meets the scope criteria, it performs the selected scanning operation on that item automatically.

There are two types of live task available in Burp Suite:

• Live audit - Scans each identified request for vulnerabilities.
• Live passive crawl - Populates the Target site map with items derived from the identified request.

Live task scope

You can specify items to be scanned by the live task based on the following criteria:

• Tools scope - Specify the tools whose traffic is inspected. Live tasks can include traffic from Burp Proxy, Repeater, and Intruder.
• URL scope - Specify which items from the selected tools are processed by the task, based on their URL.

You can also specify whether any duplicate items should be removed. If you enable deduplication, any items that share URL and parameter names are consolidated to reduce the amount of items scanned.

Scan configuration and resource pools

You can set scan configurations for all live tasks. The selected configurations apply when scanning any in-scope items.

For live audit tasks, you can also specify a resource pool. This option is not available for passive crawl tasks.