Advice on Burp Proxy Scope When Manually Reviewing a Web App
Posted in BugBounty Discussion by @0xjdow
A little while ago I was assessing a web app, and when it came time for manual enumeration (Burp on one monitor, Firefox on the other, exploring application functionality, etc.) I had limited my proxy history to in-scope items only (* and I wound up missing an obvious S3 bucket.

I've since added Amazon to my scope when testing applications - but I wanted to see what other researchers are doing in terms of setting scope and limiting proxy history, in the hopes of further improving my workflow.
Posted on 2019-01-08