Burp Suite User Forum

Create new post

Prevent out of scope from appearing in Proxy>HTTP History

Edward | Last updated: Sep 13, 2023 04:17PM UTC

Hello folks! I was wondering if there could be an enhancement to where if a host/IP is explicitly added to the "Exclude from scope" section within Project>Scope tab, that host/IP will not show up or appear within the Proxy>HTTP History section. I know the filter can be used but it would be a lot more user friendly as a "one stop shop" and not have to update/configure another item. Not super important but a nice to-have feature...for every pen test, I end up having to set up regexs for "Response interception rules" to not have mozilla, googleapis, etc. intercepted. Do you all think you can include those already in the Request interception rules as a preconfigured rule? Thank you Team!

Ben, PortSwigger Agent | Last updated: Sep 14, 2023 12:57PM UTC

Hi Edward, Would using negative scoping rules get you what you need? So if you create a target scope for all traffic to be in-scope (using a wildcard) and then use the exclude from scope option to specify the traffic that you do not wish to be in-scope. If you make sure to enable the 'Don't send items to Proxy history or live tasks, if out of scope' option (you should be prompted to do this when configuring the rule) then this should make sure that the excluded traffic does not appear in the Proxy history whereas the rest of your traffic should.

Edward | Last updated: Sep 14, 2023 02:15PM UTC

Hello Ben! Thanks for the quick reply...I did try that and it does appear to be working that way which is perfect...thank you for that. I did notice though that whenever I enable the proxy intercept, the out of scope host/IP will still be intercepted. Im assuming I would still need to update the proxy "Request interception rules" setting? Thanks!

Ben, PortSwigger Agent | Last updated: Sep 15, 2023 09:20AM UTC

Hi Edward, Yes, you would need to enable the 'Is in target scope' setting within the interception rules so that only the in-scope requests are stalled for interception.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.