Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Site map does not discover most of my URLs.

Iacopo | Last updated: Jul 14, 2022 03:00PM UTC

Hi, I have this problem when using Burp Scan in order to test a WebApp. Basically besides the fact that I use an authenticated crawling, the crawl itself does not discover most URLs, for example given the root URL as "........./" it won't discover for example "........./dashboard/" or let's say "........./analysis/" and so on. Now, the front end is ReactJs. I've also noticed, activating the Burp browser and the intercept, that in the proxy history most calls are Hosted by a different Host, that's the backend. I'm very confused on why the scan cannot access simple URLs that I can acces just by one click on the browser, it does not make sense and it never happened before, neither during the tutorials neither when I've tested the scan function on for example fampous app Mutillidae. Thank for the help

Michelle, PortSwigger Agent | Last updated: Jul 15, 2022 08:20AM UTC

Thanks for your message. So that we can look into this in more detail for you, could you send some screenshots of the following to support@portswigger.net, please? - Screenshots of the requests listed in the Proxy History tab when you browse to this site and view one of the pages that the crawl fails to find. - Screenshots of the scan details for your scan

Iacopo | Last updated: Jul 18, 2022 08:10AM UTC

Sent, with mail Object : "screenshots about sitemap not discovering items".

Michelle, PortSwigger Agent | Last updated: Jul 18, 2022 10:06AM UTC

Thanks :) We've received your email, so we'll take a look and be in touch soon.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.