• Skip to main content
  • Skip to primary sidebar

Technipages

Tutorials and fixes for smartphone, gadget, and computer problems

  • Topics
    • Android
    • Browsers
    • Gaming
    • Hardware
    • Internet
    • iPhone
    • Linux
    • macOS
    • Office
    • Reviews
    • Software
    • Windows
    • Definitions
  • Product Reviews
  • Downloads
  • About
How to Add Websites to Burp Suite’s Target Scope

How to Add Websites to Burp Suite’s Target Scope

November 10, 2020 by Mel Hawthorne Leave a Comment

As a proxy tool Burp Suite allows you to proxy all your network traffic. By default, Burp proxies all traffic to any website, however, this can result in too much traffic being caught by the “Intercept” feature, showing up in the HTTP history or in the site map.

To control which traffic is visible within Burp, you can add sites that you want to see to the scope.  While the scope doesn’t do anything by default you can configure the other tools to omit any results that aren’t in scope.

Tip: The scope doesn’t stop any traffic from being proxied through Burp, it just allows you to filter data you see or prevent it from being logged. You can configure Burp to drop all traffic that isn’t in scope in the “Connections” sub-tab of the “Project options” tab under “Out-of-scope” requests. Doing so will prevent all web traffic on your computer other than messages to and from the sites specified in the suite scope.

To add a website to the scope you can browse to the “Scope” sub-tab in the “Target” tab. If you’ve got a URL on your clipboard you can click “Paste URL”, or you can manually add a URL by clicking “Add”.

Tip: You don’t actually have to enter a full URL for a specific website, you’re actually configuring a prefix for which any matching traffic will be logged. This means you could specify “https://technipages” which would match any Technipages domain, or website using “technipages” as a subdomain e.g. technipages.example.com. This field isn’t case sensitive, but you will need to specify both “HTTP” and HTTPS”.

You can manually add websites to the scope.

Manually adding websites can be a bit of a pain, especially if you’ve got a number of sites to add. It can be easier to browse to the websites you want to add to the scope first, with no scope set, so that they show up in the logs, as you can then right-click on them and add them to the suite scope. You can do this by right-clicking the website in the “Site map” sub-tab of the “Target” tab or the “Intercept” and “HTTP history” sub-tabs of the “Proxy” tab

You can add a website to the scope by right-clicking on it in the site map, intercept or HTTP history sub-tabs, and clicking “Add to scope”.

When you first add a site to the scope you’ll be asked if you want to omit data from out-of-scope URLs from the other Burp tools such as the HTTP history and Site map. This won’t hide data already there, just prevent new data from being transferred to those tools. If you click “Yes” it will enable the bottom setting in the “Options” sub-tab of the “Proxy” tab, labelled “Don’t send items to Proxy history or live tasks, if out of scope”.

You can prevent out of scope items from being logged by enabling “Don’t send items to Proxy history or live tasks, if out of scope”.

If you want to keep logging out of scope items but don’t want to see them you can filter them out by clicking on the filter at the top of the Site map and HTTP history sub-tabs. The option to filter them out is in the top-left, labelled “Show only in-scope items”.

You can prevent items from appearing in the HTTP history and site map by filtering them out.

Even if “Logging of out-of-scope traffic” is enabled, that out of scope traffic will appear in the Intercept sub-tab of the “Proxy” window. To prevent this, you can tick “And URL is in target scope” in the “Intercept Client Requests” section of the “Options” sub-tab of the “Proxy” tab. If you’re intercepting responses, you’ll also want to enable the same setting in the “Intercept Client Responses” section.

You can prevent traffic from appearing in the “Intercept” tab by enabling “And URL is in target scope” in the intercept options.

You Might Also Like

  • What Is Burp Suite?
    What Is Burp Suite?
  • How to Use Burp Suite Repeater
    How to Use Burp Suite Repeater
  • How to Use Burp Suite Decoder
    How to Use Burp Suite Decoder
  • How to Set up a Proxy Listener in Burp Suite
    How to Set up a Proxy Listener in Burp Suite
  • How to Filter the HTTP History in Burp Suite
    How to Filter the HTTP History in Burp Suite
  • How Does Burp Suite’s Intercept Function Work?
    How Does Burp Suite’s Intercept Function Work?

Filed Under: Internet, Software

Reader Interactions

Did this help? Let us know!

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Recent Posts

  • Microsoft Edge Collections: What It is and How to Use It
  • YouTube Premium: How to Disable/Enable Background Playback
  • How to Update Apps on iPad (iPadOS 16.3.1)
  • How to Fix Outlook Rules Are Not Supported for This Account
  • How to Stop Windows 11 Updates
  • How to Change the Themes on Windows 11
  • How to Use Goal Seek in Excel (With Real-Life Examples)
  • How to Use MiniTool MovieMaker for Stellar Video Editing

Who’s Behind Technipages?

Baby and Daddy My name is Mitch Bartlett. I've been working in technology for over 20 years in a wide range of tech jobs from Tech Support to Software Testing. I started this site as a technical guide for myself and it has grown into what I hope is a useful reference for all.

© Copyright 2023 Guiding Tech Media · All Rights Reserved · Privacy