# Target ## In Burp, go to "Target" > "Site map" tab, and get familiar with the user interface. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-LyyKSg4p8RikMSwGw3m%2F-LyyK_OiJvQvWP5HqzbP%2Fimage.png?alt=media\&token=559e4837-a4dd-4f5d-81e5-73fad5fcf69c) Switch to "Target" > "Scope" tab. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-LyyKSg4p8RikMSwGw3m%2F-LyyKhEBThifBUGm2gha%2Fimage.png?alt=media\&token=c6cf0082-db44-452e-bb1a-04c872df333f) Switch to "Target" > "Issue definitions" tab. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-LyyKSg4p8RikMSwGw3m%2F-LyyKlQXW21NU_OZgkGV%2Fimage.png?alt=media\&token=9bc348b3-611d-428a-ae98-843d3897d400) 1. In Firefox, explore the Security Shepherd web application by following links and submitting forms. 2. Observe the site map getting populated with URLs as you explore the target website. In site map, the items that have been manually requested in browser appear in **black**, while other items appear in **gray**. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-LyyKoDZqe4bHpFQxvvB%2F-LyyKrSrkhzPU7fw0OXA%2Fimage.png?alt=media\&token=f5c72d02-dd5f-450d-9f32-ba5930c44953) ## Scope 1. Select a URL in the "Target" > "Site map" tab. 2. Right click on the chosen URL and select "**Add to scope**" option from the context menu. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-LyyKv2JvgNmYK_3aj5S%2F-LyyLcO6WeqUWT30O9Ox%2Fimage.png?alt=media\&token=ed307886-0c44-4f33-86f1-4d253e4ca99e) Select "**No**" in the "Proxy history logging" prompt. This is because we want to see all requests (in or out of scope) that are made while accessing the target web application.
Go to "Target" > "Scope" tab to verify if the chosen URL was included in scope. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-Lz08KS0HVXW1Uzzy_3W%2F-Lz08mi1mZ5KvIJtsinX%2Fimage.png?alt=media\&token=3c533fc2-233e-43a4-96be-0fdc20b54291) Return to "Target" > "Site map" tab, and select a different URL in the "Contents" section. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-Lz08KS0HVXW1Uzzy_3W%2F-Lz08ot6rAumy_PPtwsa%2Fimage.png?alt=media\&token=b83b988a-da4a-440b-b929-0b12c9c56339) Right click on the chosen URL and select "**Copy URL**" option from the context menu. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-Lz08KS0HVXW1Uzzy_3W%2F-Lz08qnBkM7tnYxuyTtG%2Fimage.png?alt=media\&token=fae2f151-2dd7-4040-ad24-6f9912dfbbcb) **Exclude from Scope** 1. Go to "Target" > "Scope" tab, and click on "Paste URL" button under the "Exclude from scope" section. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-Lz08KS0HVXW1Uzzy_3W%2F-Lz08YwHUGvYnbQavSKG%2Fimage.png?alt=media\&token=72363da2-873e-457e-9984-defd23bb55f5) 2\. You could, now, configure suitable **display filters** on the site map and Proxy history tabs, to hide from view items that you are not currently interested in. 3\. Go to "Target" > "Site map" tab. 4\. Click on the `Filter` bar. 5\. Select the checkbox labeled as `Show only in-scope items`. 6\. Click anywhere outside of the filter-box. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-Lz08KS0HVXW1Uzzy_3W%2F-Lz08fVa3qGt5s4JMx6f%2Fimage.png?alt=media\&token=1211bbb2-1b57-44c9-a305-8d37e47176c2) 7\. Only in-scope items should be visible in the site map, now. ![](https://990422818-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LWGXF4oLcghA1GLq0CM%2F-Lz08KS0HVXW1Uzzy_3W%2F-Lz08hoX-Vx79ABr5L2D%2Fimage.png?alt=media\&token=90b3edd8-65fa-4a32-bab2-a2b78ca5ea92)