Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Login to post

Exclude Hosts from Proxy/Logger History

Benjamin | Last updated: Sep 28, 2022 01:18PM UTC

Hey all, so when testing websites which are big and interconnected, lots of different API endpoints, sometimes even x-site - one (at least I) do not want to use the Scope Feature. (Sidenote: I very rarely use the scope feature _at_all_). So the proposed new user experience is this: You see repeated requests which you don't want to see anymore, say common third party tracking sites, or some internal cdns. Now, without using the scope controls, there should be an option (say in the right click menu in the proxy>HTTP History tab) to simply "Exclude/Ignore this Host from the History". The main benefit is, that one does _not_ have to define a scope for this, but instead on the fly over time filter out annoying stuff. Alternatively a button similar to "Add to Scope", but "Add to Exclude List" instead. A current workflow with features right now for this would be: Target>Scope>Advanced, Add scope with RE '.*' to use all, and manually add hosts to the exclude from scope list - which overall is annoying and a pita to work with. In case this rambling is sorta non understood, pls just let me know and i can re-iterate on key parts once more. Kind Regards

Benjamin | Last updated: Sep 28, 2022 01:22PM UTC

Quick note on the: "Remove from Scope" Button when the scope is /.*/: It always adds the exact file/path into the exclude list, hence after adding some items one would still need to tab over and manually remove the file part to exclude the entire host. (similar to adding the host yourself)

Liam, PortSwigger Agent | Last updated: Sep 29, 2022 07:54AM UTC

We have a development ticket that would provide a better user experience. Unfortunately, we can't provide an ETA.

You need to Log in to post a reply. Or register here, for free.