ProfessionalCommunity Edition

Mapping the target website with Burp Suite

Last updated: April 9, 2024
Read time: 1 Minute

The best way to start testing an application is to map its contents. This enables you to understand what the application does and how it behaves. You can then identify interesting areas that you want to probe for vulnerabilities.

Burp Suite enables you to use a combination of manual and automated tools to map the application. You can use these to discover both visible and hidden content.

Note

Before you start mapping an application, it's a good idea to set Burp's test scope. This enables you to focus on the items that you're interested in. For instructions, see Setting the initial test scope in Burp Suite.

Tutorials in this section

Mapping the visible attack surface
Discovering hidden content
- Automated content discovery
- Enumerating subdomains