Day 0: Recon
Of course, any good project starts with enumeration so you have to make sure well equipped for the task at and if your tool of choice burp suite or OWASP zap, you will find you have to set up very similar things to get started. Burp suite starts with setting up the scope section, ZAP also does the same but names it “contexts”. Make sure you configure this correctly or you might run out of scope without intending to do so which can have legal repercussions. Sometimes the programs determine the scope themselves while other times it might be governed by law for example. Whatever it is, in burp suite make sure to enable the advanced scope control as this will allow you to use parts of the URL instead of always having to use the first part of a URL.
This can be done the same with advanced scope control:
Please note you can also load a list of URLs into burp suite or a list of regex in ZAP. For the sake of clarity, I will be making a separate ZAP article later on. You can potentially also paste a list from the clipboard.
Make sure to also fill in domains you know that are out of scope in the appropriate section. It will save you a lot of headaches…
