Is Burp Suite Spider and Intruder Safe?


Hi Guys,

I am fairly new to Bug Crowd and general bug hunting. I have spent a lot of time in labs practicing different techniques and looking for vulnerabilities manually to understand it better however I want to start using some tooling. I am mostly familiar with Burp and Zap.

My question though is whether the Spider and Intruder features are generally considered safe against real world targets? I would assume not due to potential request rates on the backend however I thought I’d ask the Experts/Community for your opinion.

If not, what alternatives are there to automated aspects of the process?



Burp and ZAP are typically safe. Make sure that on the spider function that you don’t have it to populate and autosubmit form information. I had a problem once because I had Burp configured to automatically submit form information and it entered the name, address, phone and email address in the prepopulated form data in Burp.


Ah ok, I will watch out for that. Nice one! Thanks for the reply.


Hey Chris
I’m new too to the field of bughunting , maybe we can help each other
contact me on discord
Ayoub#1938 or email :