The Target tag allows you to view the site map of the target site, as well as what requests you’ve made and what findings you have found for each endpoint.
On the left, you have the site map. These are all of the endpoints of the target website, with directories showing as folder icons, files showing as a document icon, and parameterized requests showing as a gear icon.
If a URL in the sitemap is greyed out it may have been mentioned in the site’s responses or found as the result of a scan but has not been visited yet.
The contents section shows the requests you have made to the selected URL. In the lower section, you can view the request and response in detail.
The Inspector tab here can be clicked on to unfold a section that allows you to view the headers and attributes of the request and response.
If you select some text in the request or response, the inspector also allows you to view the length of the selected text as well as decode the selected text.
Add the target URL to the scope through the sitemap.
- Right-click on the target URL and click on ‘Add to Scope’.
This filter at the top of the page can be clicked on to open the filter settings.
This allows you to filter out results that are out of scope or select what you want to have showing up on your site map.
If you click on “show only in-scope items” then show what you want to have showing up on your site map.
In this blog, we’ve explored the Target component of burpsuite in detail, uncovering how it plays a crucial role in your security testing workflow. From setting up your target scope to understanding how burpsuite interacts with your web applications, we’ve covered the foundational elements necessary for effective vulnerability scanning and testing.
In our next blog, we will delve into another vital burpsuite component: Proxy. This component is instrumental in intercepting and analyzing web traffic, making it an indispensable tool for any security tester. We’ll explore how to configure and use the Proxy component to enhance your testing capabilities, ensuring that you have a comprehensive understanding of all the tools at your disposal.
Stay tuned as we continue to unravel the intricacies of Burp Suite, helping you become more proficient in your security testing endeavors.
Thank you for reading, and as always, happy testing!
