Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

SiteMap & Spider Out-Of-Scope Entries

M | Last updated: Mar 26, 2017 10:01PM UTC

Hi, I have an application that I'm testing with thouthands maybe more of urls like example.com/[0-9]+ and I don't want to go thru them all not in Sitemap/Proxy/Spider so first I setup a rule in Scope Exclude with ^example\.com$ ^/[0-9]+.* and I have this settings in: Spider/Control/Spider Scope: Use Suite Scope Project Options/Connections/Out-Of-Scope: Use Suite Scope and Drop all out-of-scope requests checked Now when I run the spider I still get all these urls discovered in SiteMap I have to use the filter to "Show only in-scope items" Is there anyway I can make Burp just ignore all out-of-scope entries to save project file disk space and time for the spider to finish I thought that "Project Options/Connections/Out-Of-Scope/Drop all out-of-scope requests" Setting will take care of that but it's not Thanks

PortSwigger Agent | Last updated: Mar 27, 2017 08:45AM UTC

The option to drop out-of-scope requests only affects whether actual requests are made to out-of-scope items. Burp Spider does add to the site map any URLs that it observes during spidering. We don't have any option to prevent this happening for out-of-scope URLs. There is minimal storage overhead for items that don't get requested, so just using the view filter to hide out-of-scope items from view is probably your best option.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.