O'Reilly logo

Mastering Kali Linux for Web Penetration Testing by Michael McPhee

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Stay on target!

As you are already probably aware, the recommended approach to beginning recon is to manually map the target with the Proxy's Intercept function turned off to begin with.  As we click through various pages and submit gibberish in forms, we'll populate the Target tab's Site map subtab. Right-clicking on any domains or IP addresses of interest here allows us to add the host to the scope of our analysis. We can also add targets manually to Target Scope (have a look at the following screenshot), but both methods give us the opportunity to focus the analysis on just that application, as shown in the green box--anything that is defined within the scope, you need to understand Burp will be attacking for you! You can also omit certain ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required