If the target is TARGET.COM then do the following to update all subdomains to scope:
- Go to Target and select scope.
- click on “use advanced scope control”
- click on add and then in Host or IP range field,
- BurpSuite uses regular expressions in the host field, so the regex will be:
.*\.target\.com$
this will match all subdomains
Another way to add Target.com with all subdomains is:
- Go to Target and select scope.
- click on “use advanced scope control”
- then Go to sitemap
- righ click on domain name and select “add to scope” press No so that it will keep monitoring all out of scope data as well.
- No go to scope and click on “Host/IP Range” and click edit
- Replace “www\” with “.+”
- it should look like this now:
^.+target\com$
- now press ok, above regex means anything . target.com which will include all subdomains.
if the website has multipole domain names like target.com , target.org, target.us, target.in etc
- Replace .com with ..* :
.*\.target\..*$
- Now Go to proxy > HTTP History and check on ‘show only in scope item’ under filter option.