Last updated: March 24, 2023
Read time: 2 Minutes
The Scope page contains settings for the following:
These settings determine which hosts and URLs are the target for your current project. This changes the behaviour of tools throughout the suite. The following options are available:
- Include in scope - Specify the URL prefixes for items that you're interested in.
- Exclude from scope - Specify specific subdirectories or files that you aren't interested in. For example, you can exclude logout or administrative functions.
You can add URLs to the target scope lists in several ways:
- Click Add, and enter the URL.
- Copy a URL from a browser and click Paste URL.
- Click Load to load a list of items from a text file.
You can also add URLs to the target scope from the site map. Select an item, right-click and select Add to scope.
You can Edit and Remove rules from the list.
Select Use advanced scope control to use the URL-matching rules to define your scope, rather than simple prefixes.
Out-of-scope request handling
These settings determine whether Burp issues out-of-scope requests.
Select Drop all out-of-scope requests to prevent Burp from issuing any out-of-scope requests. With this setting enabled, out-of-scope outgoing requests are dropped by Burp even if the browser explicitly requests them.
You can select how Burp defines an out-of-scope request:
- Use suite scope - Select this option to use the suite target scope to determine which requests to drop.
- Use custom scope - Select this option to define a custom scope to determine which requests to drop.
- For more information on setting the suite-wide scope, see Target scope.
- For more information on URL-matching rules, see URL-matching rules.
The Scope settings are project settings. They apply to the current project only.
Was this article helpful?
An error occurred, please try again.