Target
This tool contains detailed information about your target applications, and lets you drive the process of testing for vulnerabilities.
In Burp, go to "Target" > "Site map" tab, and get familiar with the user interface.
Switch to "Target" > "Scope" tab.
Switch to "Target" > "Issue definitions" tab.
In Firefox, explore the Security Shepherd web application by following links and submitting forms.
Observe the site map getting populated with URLs as you explore the target website. In site map, the items that have been manually requested in browser appear in black, while other items appear in gray.
Scope
Select a URL in the "Target" > "Site map" tab.
Right click on the chosen URL and select "Add to scope" option from the context menu.
Select "No" in the "Proxy history logging" prompt. This is because we want to see all requests (in or out of scope) that are made while accessing the target web application.
Go to "Target" > "Scope" tab to verify if the chosen URL was included in scope.
Return to "Target" > "Site map" tab, and select a different URL in the "Contents" section.
Right click on the chosen URL and select "Copy URL" option from the context menu.
Exclude from Scope
Go to "Target" > "Scope" tab, and click on "Paste URL" button under the "Exclude from scope" section.
2. You could, now, configure suitable display filters on the site map and Proxy history tabs, to hide from view items that you are not currently interested in.
3. Go to "Target" > "Site map" tab.
4. Click on the Filter bar.
5. Select the checkbox labeled as Show only in-scope items.
6. Click anywhere outside of the filter-box.
7. Only in-scope items should be visible in the site map, now.
Last updated
