# Quick Start

This guide walks you through running your first scan with Burp Bounty Pro in under 5 minutes.

## Step 1️⃣ — Browse to a Target

1. Configure your browser to use Burp Suite as a proxy
2. Browse to the target web application
3. Ensure the target appears in Burp Suite's **Target** > **Site Map**

## Step 2️⃣ — Select Profiles

1. Go to the **Burp Bounty Pro** tab > **Profiles** sub-tab
2. Review the three profile categories:
   * 🎯 **Active Profiles** — Profiles that send payloads to test for vulnerabilities
   * 📨 **Passive Request Profiles** — Profiles that analyze outgoing requests
   * 📩 **Passive Response Profiles** — Profiles that analyze incoming responses
3. Each table shows: Enabled, Profile Name, **Tags**, and Author's Twitter
4. Enable or disable profiles using the **Enabled** checkbox in each profile row
5. All default profiles are enabled by default

![Active Profiles table](https://710436228-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FK0ure45w5tAMFDkq49ZN%2Fuploads%2Fgit-blob-d481e8562baba8bd4d9261754ad7b81e06ed9db7%2Fquick-start-profiles.png?alt=media)

> 💡 **Tip:** Use the tag dropdown at the top to filter profiles by category (XSS, SQLi, CVEs, etc.) and focus on what matters for your target.

## Step 3️⃣ — Enable Smart Scan Rules *(Optional)*

1. Go to the **Rules** sub-tab
2. Review the available rules — these define IF-THEN conditions that automatically trigger active scans when passive matches are found
3. Enable the rules you want (most are enabled by default)

## Step 4️⃣ — Launch an Active Scan

1. In Burp Suite, right-click on target URLs in **Target** > **Site Map**, **Proxy History**, or **Repeater**
2. Select **Active Scan** from the Burp Bounty Pro context menu
3. The **URL Filter popup** appears — review the URLs, configure **Scanner Settings** (Threads, Concurrency, and RPS, i.e. requests per second), and click OK
4. Burp Bounty Pro launches the scan with your per-scan settings 🎯

![URL Filter popup with Scanner Settings](https://710436228-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FK0ure45w5tAMFDkq49ZN%2Fuploads%2Fgit-blob-36b7fe74da9b966d985b188b122d28ec11e78ecc%2Fquick-start-scan-popup.png?alt=media)

> 💡 **Tip:** For fast targets, increase threads to 20. For rate-limited targets, decrease to 3 and set RPS to 2.

## Step 5️⃣ — Launch a Passive Scan

Passive scanning can run in two ways:

### 🔄 Automatic (Live Passive Scan)

1. In the **Dashboard** tab, toggle **Live Passive Scan on**
2. All traffic passing through Burp Suite is automatically analyzed

### 🏷️ Manual (Tag-Based)

1. Right-click on one or more requests
2. Select **Passive Scan** from the context menu
3. Choose the scope from the tag-based submenu:
   * **All** — Run all passive profiles
   * **Passive Request** > **Tag** — Run only request profiles with a specific tag
   * **Passive Response** > **Tag** — Run only response profiles with a specific tag

![Passive Scan context menu with tags](https://710436228-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FK0ure45w5tAMFDkq49ZN%2Fuploads%2Fgit-blob-392dd1348e3323224eb1c0ba338c56300350038d%2Fquick-start-passive-scan-menu.png?alt=media)

## Step 6️⃣ — Launch an AI Scan *(Optional)*

The AI Scanner uses AI to automatically identify attack surfaces and launch the right profiles:

1. Right-click on one or more requests
2. Select **AI Scanner** from the Burp Bounty Pro context menu
3. Configure the URL filter and click **OK**
4. The AI analyzes each request's parameters, detects reflection contexts, fingerprints technologies, and recommends profiles
5. If **Auto-scan** is enabled, recommended active profiles are launched automatically

> 💡 **Tip:** Configure your AI provider and API key first in **Scanners** > **AI** > **Settings**.

## Step 7️⃣ — Monitor and Control Results

1. Go to the **Burp Bounty Pro** tab > **Dashboard** sub-tab
2. The dashboard shows:
   * 📊 **Scanner progress** — Active tasks, completed scans, and queue status
   * 🐛 **Issues found** — Detected vulnerabilities with severity, confidence, and details
3. Use the control buttons:
   * ⏸️ **Pause All** — Pause all scans without losing progress
   * ▶️ **Resume All** — Resume paused scans from where they left off
   * ⏹️ **Stop** — Stop all scans

![Dashboard with scan progress and issues](https://710436228-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FK0ure45w5tAMFDkq49ZN%2Fuploads%2Fgit-blob-21df81437deafda6207e595c3cc4ed8b747778d2%2Fquick-start-dashboard.png?alt=media)

## Step 8️⃣ — Review Findings

Each reported issue includes:

* 📛 **Issue Name** — The vulnerability type (e.g., "XSS", "SQLi", "CORS Misconfiguration")
* 🔴🟠🟡🔵 **Severity** — High, Medium, Low, or Information
* 🎯 **Confidence** — Certain, Firm, or Tentative
* 📝 **Detail** — The payload used and the grep pattern that matched

Issues also appear in Burp Suite's **Dashboard** > **Issue activity** for integrated review.

## 📌 Next Steps

* 🖥️ [Interface Overview](https://docs.bountysecurity.ai/getting-started/interface-overview) — Learn about all the tabs and controls
* 📝 [Creating Active Profiles](https://docs.bountysecurity.ai/profiles/creating-active-profile) — Create your own vulnerability detection profiles
* 🧠 [Smart Scan](https://docs.bountysecurity.ai/scanning/smart-scan) — Set up automated scanning workflows with Rules
* 🤖 [AI Scanner](https://docs.bountysecurity.ai/scanning/ai-scan) — AI-powered analysis and auto-scanning
* ⚙️ [Scan Control](https://docs.bountysecurity.ai/scanning/scan-control) — Learn about pause/resume, per-scan settings, and performance tuning
* 🏷️ [Tags](https://docs.bountysecurity.ai/profiles/tags) — Organize profiles and launch targeted passive scans
* 🔀 [Global Variables](https://docs.bountysecurity.ai/variables/global-variables) — Configure variables like `{REDIRECT_DOMAIN}` and `{BC}`
