Burp Suite User Forum


Precise Scope Regex Rules

David | Last updated: Oct 20, 2016 08:02PM UTC

Hi, I'm using Burp Scanner against a site using the Carbonator extension, and I'm having some problems with site scoping. I'm initiating Carbonator against, say, "http://example.com", and specifying that Carbonator run specifically against the "/v1" folder on that site. From reading Carbonator's source, I see that this adds "http://example.com/v1" to Burp's scope. However, I want to be able to include this path, as well as specifically exclude other paths that are not "/v1". I created a scope configuration file from one I generated using Burp's scope tool, and added an exclusion rule for "http://example.com/(?!v1)", which I believe means "exclude any domain that does not have "v1" at the start of its path". However, this does not seem to do what I expect it to, as Burp now only scans "http://example.com" and nothing else. How can I properly specify this scope? Thanks, David

PortSwigger Agent | Last updated: Oct 25, 2016 04:08PM UTC

For a request to be in scope, it must match at least one "include" rule and no "exclude" rules. If your scope rules are clean/default, then the simple include rule: http://example.com/v1/ will cause everything under just this folder to be in scope, and no others. There is no need to specifically exclude any other folders, since they aren't included. Do you have some other include rules in play that are causing the scope to be wider than you require?
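To make the rule the agent states concrete (a URL is in scope when it matches at least one include rule and no exclude rule), here is an added example in Python. It is not Burp's code and not from this thread; it models include and exclude rules as URL prefixes, and the normalisation of scheme, host, default port and empty path is an assumption of the example, not a description of how Burp matches. It also shows the situation the agent asks about: a second, broader include rule silently widening the scope, and an exclude rule narrowing it back.

```python
from urllib.parse import urlsplit


def _normalise(url: str) -> str:
    """Canonical form for prefix comparison (assumption of this example):
    lower-case scheme and host, explicit default port, '/' for an empty path."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port or (443 if scheme == "https" else 80)
    path = parts.path or "/"
    return f"{scheme}://{host}:{port}{path}"


def matches_prefix(rule: str, url: str) -> bool:
    """A prefix rule matches when the normalised URL starts with the normalised rule.
    The trailing slash in a rule such as http://example.com/v1/ matters: without it,
    /v10/... would also match."""
    return _normalise(url).startswith(_normalise(rule))


def in_scope(url: str, include: list, exclude: list) -> bool:
    """The rule from the thread: at least one include must match, no exclude may match."""
    if not any(matches_prefix(rule, url) for rule in include):
        return False
    return not any(matches_prefix(rule, url) for rule in exclude)


def evaluate(urls: list, include: list, exclude: list) -> dict:
    """Return {url: in_scope?} for a batch of URLs, handy for checking a scope config."""
    return {url: in_scope(url, include, exclude) for url in urls}


# Constructed sample URLs for the scenario in the thread.
SAMPLE_URLS = [
    "http://example.com",
    "http://example.com/v1/users",
    "http://example.com/v10/users",
    "http://example.com/v2/users",
    "https://example.com/v1/users",
]


def scenario_include_only() -> dict:
    """Only http://example.com/v1/ included: nothing outside that folder is in scope."""
    return evaluate(SAMPLE_URLS, include=["http://example.com/v1/"], exclude=[])


def scenario_extra_include() -> dict:
    """A leftover include for the whole host widens the scope to every path."""
    return evaluate(
        SAMPLE_URLS,
        include=["http://example.com/", "http://example.com/v1/"],
        exclude=[],
    )


def scenario_exclude_narrows() -> dict:
    """An exclude rule wins over any include rule it overlaps with."""
    return evaluate(
        SAMPLE_URLS,
        include=["http://example.com/", "http://example.com/v1/"],
        exclude=["http://example.com/v2/"],
    )


if __name__ == "__main__":
    for name, fn in [
        ("include only", scenario_include_only),
        ("extra include", scenario_extra_include),
        ("exclude narrows", scenario_exclude_narrows),
    ]:
        print(f"== {name} ==")
        for url, ok in fn().items():
            print(f"  {'IN ' if ok else 'OUT'}  {url}")
```

Running it shows the point the agent makes: with the single `http://example.com/v1/` include rule, `/v2/users`, `/v10/users` and the site root are all out of scope without any exclude rule. Only when a broader include such as `http://example.com/` is also present do other folders become in scope, and then an exclude rule is what narrows them back.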

Burp User | Last updated: Oct 25, 2016 07:51PM UTC

Nope, I'm not quite sure what I was doing wrong, but using an "include" rule alone worked fine.
