Configuring the Scan Scope

 The scope of a scan allows you to define which parts of the target web application should be crawled and scanned.

Screenshot 5 – Scan Scope Options

 The following scan scope options are available:

  • Entered Path and Below: During the scan, the target path and any folder below it will be crawled and scanned. For example, if you specify the URL http://www.example.com, all the pages and folders in the website will be crawled and scanned. If you specify https://example.com/testfolder/, all the pages and subfolders in /testfolder/ will be crawled.

  • Only Entered URL: In this scan scope no external links are followed, so it is ideal for scanning all parameters on a single page.

When you specify http://example.com/test as a target URL, http://example.com/testx will be crawled and scanned as well, since in this scope Netsparker also includes all URLs that start with the given target URL.

  • Whole Domain: All of the pages and subfolders on the target domain will be scanned. If a specific URL is entered, such as http://example.com/testfolder/test.php, the scan will start from the specified URL but it will then proceed to crawl and scan all pages and subfolders on the domain http://example.com.
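
The prefix behaviour noted above (a target of http://example.com/test also matching http://example.com/testx) can be checked against a list of known URLs before a scan is started, so that only the intended paths end up in scope. The following Python is an added example, not Netsparker's code: the function names and sample URLs are constructed, and Whole Domain is assumed here to mean an exact host match.

```python
from urllib.parse import urlsplit

def _norm(url: str) -> str:
    """Lower-case scheme and host, drop query/fragment, keep the path as typed."""
    p = urlsplit(url)
    return f"{p.scheme.lower()}://{p.netloc.lower()}{p.path or '/'}"

def in_prefix_scope(target: str, url: str) -> bool:
    """Plain starts-with rule, as the page describes it."""
    return _norm(url).startswith(_norm(target))

def in_whole_domain(target: str, url: str) -> bool:
    """Whole Domain as modelled here (assumption): same host as the target, any path."""
    return urlsplit(url).hostname == urlsplit(target).hostname

def sibling_spill(target: str, candidates: list[str]) -> list[str]:
    """URLs the prefix rule matches that are neither the target nor below it as a folder."""
    t = _norm(target)
    folder = t if t.endswith("/") else t + "/"
    return [u for u in candidates
            if in_prefix_scope(target, u)
            and _norm(u) != t
            and not _norm(u).startswith(folder)]

# Constructed sample URLs, e.g. taken from a sitemap or an earlier crawl.
CANDIDATES = [
    "http://example.com/test",
    "http://example.com/test/login.php?id=1",
    "http://example.com/testx",
    "http://example.com/testfolder/test.php",
    "http://example.com/admin/",
    "http://other.example.net/test",
]

if __name__ == "__main__":
    for target in ("http://example.com/test", "http://example.com/test/"):
        print("target:", target)
        for u in CANDIDATES:
            print(f"  prefix={in_prefix_scope(target, u)!s:5} "
                  f"domain={in_whole_domain(target, u)!s:5} {u}")
        print("  sibling spill:", sibling_spill(target, CANDIDATES))
```

Under this plain prefix rule, giving the target with a trailing slash (http://example.com/test/) leaves the sibling paths out of scope.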