Original Post: Browser powered scanning 2.0 | Blog
Tom Shelton-Lefley discusses the redevelopment of Burp Scanner’s embedded browser integration. Initially, the goal was to handle browser actions creating new tabs or windows in recorded logins, a long-requested feature. This minor-sounding task revealed limitations in their old method of connecting to Chromium, prompting a complete rewrite of their integration module.
The rewrite allowed significant improvements, such as better complex navigation handling, enhanced resource management, live crawling views, and multi-target support. Despite challenges, including re-encountering old quirks, they leveraged lessons learned and thorough testing to improve the new implementation.
The effort underscores PortSwigger’s penchant for building custom solutions to meet their specific needs, allowing for unique innovations like “Kettling.” Moving forward, the team aims to improve stability and accuracy while expanding coverage for web apps built on frameworks like React, Vue, and Angular.
Go here to read the Original Post