Burp Suite User Forum


exclude static resources

burptryq | Last updated: Mar 24, 2020 05:27PM UTC

Hello! How can I construct a regex correctly to exclude files in Advantage Scope in "live audit scan"? For example, how can I exclude static resources? I tried:

^.*?\.(css|xml|woff2)$

(?:\.css$|\.svg$|\.png$|\.jpeg$|\.jpg$|\.gif$|\.pdf$|\.svg$|\.md$|\.ico$|\.js$|\.htm$|\.woff2$|\.woff$|\.xml$|\.txt$|\.md$|\.ttf$|\.webp$|\.doc$|\.docx$)

(?:css|svg|png|jpeg|jpg|gif|pdf|svg|md|ico|js|htm|html|txt|md|woff2|woff|webp|ttf|xml|doc|docx|bmp|mp3|mp4)$

(css|svg|png|jpeg|jpg|gif|pdf|svg|md|ico|js|htm|html|txt|md|woff2|woff|webp|ttf|xml|doc|docx|bmp|mp3|mp4)

but it didn't work

Liam, PortSwigger Agent | Last updated: Mar 25, 2020 09:25AM UTC

Do you mean the Advanced scope rules? Have you tried using a regex checker? - https://regex101.com/

burptryq | Last updated: Mar 25, 2020 05:48PM UTC

https://i.imgur.com/UlzOxDN.png

Liam, PortSwigger Agent | Last updated: Mar 26, 2020 03:02PM UTC

Thanks for sharing the screenshot. It doesn't look like that regex will work for your requirements. What exactly do you need to exclude? To exclude static file types, you can use: .*\.(css|js|etc...)

burptryq | Last updated: Mar 26, 2020 06:35PM UTC

https://i.imgur.com/jYBLOI3.png still scanning js, css and other static files

Michelle, PortSwigger Agent | Last updated: Mar 27, 2020 12:03PM UTC

From the screenshot, I'm afraid I can't quite make out what the first two characters in the file section are. Could you maybe post a sample of the text? Have you tried out the format posted earlier? Let us know if it helps as it could give a good base to work from for what you need: .*\.(css|js|etc...)

e4c6 | Last updated: Jan 01, 2021 08:06PM UTC

Regex include/exclude functionality is completely broken.

Case 1: I want to exclude .mp4 files from being scanned. I add an excluded URL rule like the Burp Agent recommends. (https://forum.portswigger.net/thread/regex-active-scanner-cdbfaaa3abdb1c6) Rule screenshot: https://imgbox.com/0oa3zaPa I run the scan, look at Flow and see that it's still requesting URLs with .mp4 files. Flow screenshot: https://imgbox.com/pOSEeHRF

Case 2: Since exclude doesn't work, I try to come up with a regex that will match everything including the website I specify, however with no .mp4 files. Burpsuite errors out "Some of the specified URLs to scan are out of scope", except it isn't. Screenshot: https://imgbox.com/BcrlZIHu

I have been battling Burp for hours now. Please tell me this functionality actually works and I'm a retard and show me the solution.

Specs: Java 9, v2020.9.2

Michelle, PortSwigger Agent | Last updated: Jan 04, 2021 04:39PM UTC

If you remove the final $, does that then match what you need? (e.g. if you use \.mp4 instead of \.mp4$)

skalvin | Last updated: Aug 26, 2022 12:09AM UTC

I think what he's looking for is for this file extension not to be scanned in the live audit. He wants to make the scanner ignore this list of files:

(?:\.css$|\.svg$|\.png$|\.jpeg$|\.jpg$|\.gif$|\.pdf$|\.svg$|\.md$|\.ico$|\.js$|\.htm$|\.woff2$|\.woff$|\.xml$|\.txt$|\.md$|\.ttf$|\.webp$|\.doc$|\.docx$)

He's trying to filter some extensions from the scan. For example, why should the live audit proxy scan these image files: .png, .gif, .ico, etc.? https://imgbox.com/UO9kgWXj
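Added example (not part of any post in this thread, and not PortSwigger code): the thread's patterns, with extension lists shortened and "etc..." filled in, run against constructed file values under both whole-string and substring matching. The thread does not say which of the two Burp applies or whether the query string is part of the matched value, so both are shown as assumptions, using Python's `re` in place of Burp's Java regex engine; the `query_tolerant` pattern is constructed here.

```python
import re

# Patterns from the thread (extension lists shortened, "etc..." filled in).
PATTERNS = {
    "user_anchored": r"^.*?\.(css|xml|woff2)$",
    "agent_prefix": r".*\.(css|js|mp4)",
    "mp4_dollar": r"\.mp4$",
    "mp4_plain": r"\.mp4",
    "bare_alternation": r"(css|js|mp4)",
    # Constructed for this example, not from the thread: anchors the
    # extension to the end of the path and tolerates a query or fragment.
    "query_tolerant": r"^[^?#]*\.(?:css|js|mp4)(?:[?#].*)?$",
}

# Constructed sample values for the file part of a URL.
TARGETS = [
    "/static/app.css",
    "/static/app.css?v=3",
    "/media/clip.mp4",
    "/media/clip.mp4?token=abc",
    "/api/jsonrpc",   # dynamic endpoint that merely contains "js"
    "/api/users",
]


def excluded(pattern, mode):
    """Return the targets an exclude rule would drop under the given mode.

    mode "full"   -> the whole value must match (like Java's matches()).
    mode "search" -> a match anywhere is enough (like Java's find()).
    """
    rx = re.compile(pattern)
    match = rx.fullmatch if mode == "full" else rx.search
    return [t for t in TARGETS if match(t)]


def coverage_table():
    """Map (pattern name, mode) to the list of excluded targets."""
    return {
        (name, mode): excluded(pattern, mode)
        for name, pattern in PATTERNS.items()
        for mode in ("full", "search")
    }


if __name__ == "__main__":
    for (name, mode), hits in coverage_table().items():
        print(f"{name:17} {mode:6} -> {hits}")
```

Under substring matching the bare alternation also drops `/api/jsonrpc`, which removes a dynamic endpoint from audit coverage, while the `$`-anchored forms miss any static file requested with a query string.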
