So lets first add the target in our scope and then see the site map and information about only that target and we can do that by just going to the Target section and then to sitemaps and there select our targets address and right click to add it to scope

Then we click at the top and just do this and add only items in our scope items so it filters out the not necessary items

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/dac5ee40-1ced-4094-a3fc-d58f7350c712/Untitled.png

If we have the pro version we can just go there and scan the target by right clicking on it and scanning it and we can also use engagment tools on it and get a lot of advantage in that field as well.Scanning basically helps crawl the website it was called spidering before it will try to go to diffrent websites and see where we can get access from and it also does active scanning and it will do a lot of diffrent attacks for us but its not super nice though its much better to do it manually dont rely too much on your tools you have to still do stuff manually.

Then we also have the most used tool and section called Proxy where we can intercept and see every request and see how it looks like and everything we can see cookies and everything and then we right click on this request and send it to repeater.

Repeater is basically a request repeater we can send request and see tehri responses over there .We can do parameter tampering and change inputs basically like maybe change the cookie or change the request type or change the user agent and we can repeat this request over and over .

Now lets go to Proxy again and go to options and then to Intercept Client Requests and Intercept Server Responses and this way we wont intercept anything that is out of scope and wont interfere any other session of ours basically.

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/7fe08acb-c22f-4526-bcfd-4c96a8bec9d3/Untitled.png

Intruder is something we can use to do bruteforce attacks and attacks with payloads and stuff liek that.Its very slow on community edition tho .To increase speed of this tho we can download a extension from the Extender section and then goin to Bapp store and looking for something called Turbo Intruder.

We also have a comparer function to send requests and compare them .

Decoder is a nice feature as well we can send stuff from maybe repeater or intruder to Decoder and decode it if its in Base64,Binary,Url Encoding or something and vice versa ofcourse.

Most used ones are Target,Proxy and Repeater .