Burp Suite Essentials
上QQ阅读APP看书,第一时间看更新

Scope and Burp Suite tools

Almost all the tools follow the scope. Most of the tools might offer more granular options over and above the Suite's scope. From Burp's application documentation, the following are the advantages of these tools:

  • You can set display filters for the target site map and Proxy HTTP history. This allows us to focus on the task at hand, and everything else is kept hidden away.
  • The Proxy can be configured to only intercept in-scope items—a highly desirable option in my opinion.
  • Only in-scope items for spidering or live scanning in the scanner can be done.

Since most of the time, the activities that we carry out are undistinguishable from regular web attacks, it is extremely important to only attack targets that we want to without any shred of doubt. The target scope allows us to be precise just like that.