Burp Suite User Forum

Login to post

Burp Enterprise advanced URL control

Daniel | Last updated: Jul 09, 2020 06:59PM UTC

I'm currently trialling burp enterprise at the BBC and am struggling with scoping a scan because I can't use regexs in the advanced URL control for a site. The BBC is heavily TLD oriented so trying to scan /iPlayer means that burp crawls anything it finds on those pages such as a reference to /contact or /news, which is not what I want to do. Using a regex to exclude anything that isn't /iPlayer* would be ideal but it seems as though I'll have to manually generate an exclusion list for the time being, unless you know of any trickery that I can apply.

Michelle, PortSwigger Agent | Last updated: Jul 10, 2020 01:02PM UTC

If you add, for example, http://www.mysite.com/abc in the excluded URLs it should exclude all URLs that being with that path, but it sounds like your requirements might be a little more complex. It would be good to understand a little bit more about the URLs you need to exclude, so if you'd like to email us with a bit more detail you can contact us using support@portswigger.net we can take a closer look with you.

You need to Log in to post a reply. Or register here, for free.