Introduction

In this tab, we can find several useful options that are invaluable in any bug bounty hunters toolbelt in my opinion. I'm not going to bore you with the very basics, i assume you already know those. Instead i am going to show you all the cool tricks we can with this section of burp.

Site map

The site map displays any URL that we visited while browsing the website manually if we have our passive crawling job active in the background to fill the site map.

One thing i will always do is sort my responses via status code. This makes it easier to view the requests that return a 200 status code and then i can judge if they should.

Please note that by default items with a response code of 4xx (i.e. 403) are not shown in the site tree. We can enable those in the filtering, that's where the real fun starts.

filtering

If we click the filter bar at the top of the screen, we can some very useful filters.

1. Showing only the paramterised requests will show us all the requests that allow us some kind of interaction with the server. These are the requests that i care about mosts as they talk to the API.
2. Filtering by mime type allows us to include or exclude certain types of files such as scripts or CSS files by checking or unchecking the checkbox respectively.
3. If we want to show or hide certain status codes, that's also possible like the 4xx status codes which are disabled by default
4. If we want to search for specific terms, that also possible. We can do this in negative search as well, which would mean that we would exclude requests with the search term in it.
5. If we want to hide or show certain file types, that's also possible but we can't use both together as they would cancel eachother out
6. We can also annote or comment certain requests by right clicking them in the site map, repeater or proxy history and then we can filter on those requests.

Scope