Burp Intruder attack results

When you launch a Burp Intruder attack, the attack runs in a new results window. This contains the attack results, and a clone of the configuration side panel from which the current attack is based.

You can usually identify interesting responses through the following:

• A different HTTP status code.
• A different length of response.
• The presence or absence of certain expressions.
• The occurrence of an error or timeout.
• The time taken to receive or complete the response.

Intruder has various functions to help you analyze the results and identify interesting items. You can then carry out further actions as part of your testing workflow.