during automated scanning burp just flodded the "issue activity" tab with the same issues on the same path over and over:
and so on and so forth.
Using the extension makes not feasible to use. That were almost 18000 errors, all of the from tomcat. They came from extensions of burp core checks and some were echoing the payload.
Some examples:
While using some cmd line magic I was thinking one could reduce the number of findings by a mere ~50% by looking at the content length of the response. However 9000 same issues is at least still 2.5 orders of magnitude too much.
Hi,
during automated scanning burp just flodded the "issue activity" tab with the same issues on the same path over and over:
and so on and so forth.
Using the extension makes not feasible to use. That were almost 18000 errors, all of the from tomcat. They came from extensions of burp core checks and some were echoing the payload.
Some examples:
While using some cmd line magic I was thinking one could reduce the number of findings by a mere ~50% by looking at the content length of the response. However 9000 same issues is at least still 2.5 orders of magnitude too much.