Best Practices

Below is a list of best practices we recommend you to follow to avoid common pitfalls that may impact your overal potential with BLACKBIRD.

Global Configuration

Request Headers

Target servers often require certain request headers to be included in any of your incoming HTTP requests. For this reason, all of our pentesting tools allow you to specify request headers, including authentication and authorization headers (such as Cookie or Authorization).
Always try to enumerate all required request headers prior to launching any of your scans. As an example, some target servers are set up to not accept and/or process incoming HTTP requests if they do not include the User-Agent request header.Not passing any of the mandatory headers to your pentesting tool can result in incomplete or inaccurate scan coverage.

Delay parameter

Almost all of our pentesting tools are multi-threaded. This makes the scanners more susceptible to be deteected by Web Application Firewalls (WAFs) and other security rules set by your target. For this reason, we recommend you to set the delay to at least 100 ms. This will ensure that the scanner waits 0.1 seconds between each subsequent HTTP request.
In some cases, the scanner will provide you an option to override the default number of threads (simultaneous HTTP requests).

Timeout parameter

Make sure you adjust the HTTP request timeout parameter to match your target’s response time. The default timeout is set to 7000 ms (7 seconds), we recommend you to adjust the value to 8500 ms but do note that scans will take longer to finish.

Headless web browser

Advanced features such as the headless browser take more time to finish. If you want to optimize your scans, we recommend you to turn off the headless web browser option in order to retrieve results at a much quicker rate.

Threads

Threads represent concurrent execution paths that allow multiple HTTP connections to be processed simultaneously. When configuring the number of threads for scanning, you’re effectively setting how many parallel HTTP requests a tool can maintain at once. A higher thread count typically increases scanning speed by allowing more simultaneous connections, but it can also potentially overwhelm the target server. Consider starting with a moderate number of threads (e.g., 10-20) and adjust based on your target’s response characteristics.