Está en la página 1de 4

The central site map aggregates all of the information that Burp has gathered about applications.

You can filter and annotate this information to help manage it, and also use the site map to drive your testing workflow.

Target Information
The site map displays target information in tree and table form, and also lets you view full requests and responses for individual items where available. The tree view contains a hierarchical representation of content, with URLs broken down into domains, directories, files, and parameterized requests. You can expand interesting branches to see further detail. If you select one or more parts of the tree, all the selected items and items in child branches are shown in the table view. The table view shows key details about each item (URL, HTTP status code, page title, etc.). You can sort the table according to any column (click the column header to cycle through ascending sort, descending sort, and unsorted). If you select an item in the table, the request and response (where available) for that item are shown in the request/response pane. This contains an HTTP message editor for the request and response, providing detailed analysis of each message. The site map aggregates all of the information that Burp has gathered about applications. This includes:
   

All of the resources that have been directly requested via the Proxy. Any items that have been inferred by analyzing the responses to proxy requests (provided you have not disabled passive spidering). Content discovered using the Spider or content discovery functions. Any items manually added by the user, from the output of other tools.

Items in the site map that have been requested are shown in black. Items that have not yet been requested are shown in gray. By default (with passive spidering enabled) when you begin browsing a typical application, a large amount of content will appear in gray before you even get as far as requesting it, because Burp has discovered links to it in the content that you have requested. You can remove uninteresting content (for example, on other domains that are linked to from your target application), by setting an appropriate target scope and using the site map display filter.

Display Filter
The site map has a display filter that can be used to hide some of its content from view, to make it easier to analyze and work on the content you are interested in. The filter bar above the site map describes the current display filter. Clicking the filter bar opens the filter options for editing. The filter can be configured based on the following attributes:

Request type - You can show only in-scope items, only requested items, only requests with parameters, or you can hide not-found items.

the site map enables you to control and initiate specific attacks against the target. these are not deleted. You can add highlights in two ways:   You can highlight individual items using the drop-down menu on the left-most table column. Status code . using the context menus that . Search term . to add or edit a comment in-place.You can configure whether to show or hide responses with various HTTP status codes. This means you can use the filter to help you systematically examine a complex site map to understand where different kinds of interesting content reside. The content displayed within the site map is effectively a view into an underlying database. only hidden.[Pro version] You can filter on whether or not responses contain a specified search term. or images. Testing Workflow As well as displaying all of the information gathered about your target.You can configure whether to show only items with user-supplied comments or highlights. You can configure whether the search term is a literal string or a regular expression. You can comment one or more selected items using the "Add comment" item on the context menu. This is useful to remove folders whose child items have all been hidden by other display filter attributes.      MIME type . CSS.You can configure whether to show or hide items with specified file extensions. You can highlight one or more selected items using the "Highlight" item on the context menu. then only items not matching the search term will be shown. within the Comment column. Annotation .You can optionally hide empty folders in the tree view. you can annotate items by adding comments and highlights. such as HTML. If you set a filter to hide some items. If you select the "Negative search" option. you can use column sorting and the display filter to quickly find these items later. File extension . and the display filter controls what is included in that view. and whether it is case sensitive. and to flag up interesting items for further investigation. When you have annotated interesting requests. You can add comments in two ways:   You can double-click the relevant entry. and will reappear if you unset the relevant filter. Annotations In the table view. This can be useful to describe the purpose of different URLs.You can configure whether to show or hide responses containing various different MIME types. Folders .

relative links within the response will be handled properly by your browser. and send the request to other Burp tools. Scan / Spider / Send to .These options create new target scope rules which add or remove the selected item(s) from scope. an administrator). The ability to send requests between tools forms the core of Burp's user-driven workflow. multi-stage processes.[Pro version] You can use the Find references function to search all of Burp's tools for HTTP responses that link to the selected item. A common technique when testing an application that includes some sensitive URLs is to add the whole application path (domain or directory) to the target scope.This causes Burp to issue the request using the cookies supplied by your browser.. When you are dealing with complex. and perform actions on the entire branch of the tree. . The resulting browser request is served by Burp with the exact response that you selected (the request is not forwarded to the original web server).) in the course of rendering the response . CSS.[Pro version] You can use the Search function to search the selected branch(es) of the site map for items matching a specific expression. of manually pasting a series of URLs from Burp into your browser. o Find comments / scripts .You can use this to re-issue the selected request in your browser (configured to use the current instance of Burp as its proxy).these will be handled by Burp in the usual way. and modifying cookies manually using the Proxy. Burp gives you a unique URL that you can paste into your browser (configured to use the current instance of Burp as its proxy).This causes Burp to issue the request using the exact Cookie header that appeared in the original request. As a result. The following sub-options are available: o In original session . is normally a lot easier than repeating a multi-stage process over and over. Request in browser .g. Hence. You can use this feature to facilitate testing of access controls.appear everywhere. Engagement tools . The exact options that are available depend on the location where the context menu was invoked. Show response in browser . your browser may make additional requests (for images. and the type of item(s) selected. this methodology..You can send any item to other Burp tools. For example. such as spidering or scanning. to render the response. etc. an ordinary user). such as Intruder or Repeater.You can use this to render the selected response in your browser. o In current browser session .[Pro version] You can use the Find comments / scripts functions to search the selected branch(es) of the site map for comments and scripts. . and reissuing the requests within a different user context that you are now logged in as (e. to avoid the limitations of Burp's built-in HTML renderer. you can select a host or folder within the tree view. and yet the response is processed by the browser in the context of the originally requested URL. Or you can select an individual item anywhere. The complete list of context menu actions is as follows:      Add to / remove from scope . to perform further attacks or analysis. When you select this option. o Find references . The rule generated will apply to the selected item and all child branches in the tree. by selecting requests within Burp that were generated within one user context (e.[Pro version] This submenu contains various useful functions for carrying out engagement-related tasks: o Search .g. and then select the sensitive items and exclude them from scope.

You can deal with this either by configuring a suitable target scope and a display filter. and how many parameters each URL takes.This function lets you specify a file to save the details of selected item(s) in XML format. Save item(s) . and collapse them after you have reviewed them. Add comment . Copy links .You can use this function to add a comment to the selected table item(s). Compare site maps .You can use these functions in the tree view to quickly expand whole branches of the tree. o Simulate manual testing .[Pro version] You can use the Generate CSRF PoC function to create some HTML which. o . See Annotations for more details. Delete item(s) . in particular testing for access control vulnerabilities.[Pro version] You can use the Schedule task function to create tasks that will run automatically at defined times and intervals. including full requests and responses. when viewed in a browser. See Annotations for more details. This is a powerful feature that can be used for various purposes. o Discover content . HTTP status code and MIME type. Expand / collapse branch / requested items . the map will often include a large amount of third-party content that is linked to from the application you are interested in.This function parses the selected item(s) for links. and all relevant metadata such as response length. o Generate CSRF PoC .[Pro version] You can use the Target Analyzer function to analyze the selected branch(es) of the site map and tell you how many static and dynamic URLs it contains. Copy URL(s) . or by manually removing irrelevant branches of the tree.[Pro version] You can use the Discover content function to discover content and functionality that is not linked from visible content which you can browse to or spider. and copies these to the clipboard. will cause the selected request to be issued.This function copies the URL(s) of the selected item(s) to the clipboard.You can use this function to apply a highlight to the selected table item(s). Highlight .You can use the Compare site maps function to identify differences between two site maps.This function removes the selected item(s) permanently. o Schedule task . Since by default the site map displays all content that Burp has identified based on HTTP responses.        Analyze target .[Pro version] The Manual testing simulator can be used to generate HTTP traffic that is similar to that caused by manual penetration testing.