PROFESSIONALCOMMUNITY
Target scope
-
Last updated: May 15, 2023
-
Read time: 1 Minute
You can use the target scope to tell Burp Suite which hosts and URLs are the target for your current work. It also enables you to exclude targets that you aren't interested in, or that you don't have permission to attack.
You can configure the target scope in order to change the behavior of tools throughout Burp. For example:
- Set display filters on the target site map and Proxy history to show only in-scope items.
- Tell the Proxy to intercept only in-scope requests and responses.
- With Burp Scanner, configure a live task to perform automatic scanning of in-scope items.
- Configure Intruder and Repeater to follow redirections to any in-scope URLs.
To access the target scope:
- Click on Settings to open the Settings dialog.
- Go to Project > Scope.
- View the Include in scope and Exclude from scope lists under Target scope. These define the scope.
To add a URL to the target scope, select an item from the site map, right-click and select Add to scope. You can also add URLs directly to the target scope lists in the Settings dialog. For more information, see Scope settings and URL matching rules.