Burp Suite User Forum

Site map - Filter by Tools

Andrej | Last updated: Oct 25, 2018 08:52AM UTC

In the Site Map tree, I can see many payloads (in folder and file names) which were used by Active scanner (alone, or by some extension during the Active Scan). Such payloads are:

%00grqjw%22a%3d%22b%22sc35f
%00prompt(1)
..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini%00index

This results from having "URL path filenames" and "URL path folders" checked in the Attack Insertion Points, which I do want to check for, but I don't want them to appear in the SiteMap itself. Would it be possible, in the future, to filter out these attack payloads? Or rather, to filter only those requests which were made through the Proxy (which would effectively hide undesired ones). Thanks

Liam, PortSwigger Agent | Last updated: Oct 25, 2018 12:26PM UTC

Burp Scanner doesn't send all its traffic to the Site map. Do you have two instances of Burp chained together? Could you provide us with a list of all the extensions you have installed? Is it possible the application is storing data from the scan then discovering this on a crawl?
