Introduction

Before launching a test you may wish to exclude certain resources which you don't want to be part of it. The test scope provides facilities by which you can limit the exposure of the targeted web application to Websecurify's automated testing engine.

Basic Usage

To adjust the scope you need to open an interactive browser session. From the main test window click on the "Open" button.

The application should pop a browser with the target url preloaded inside. You will notice that as you browse around the target application, all links and actions are recorded inside the "Scope" tab. To exclude urls from the current test simply tick the corresponding label.

The Inner Works

The test scope operates in a very simple way. The initial target url is included by default and will be automatically scanned as well as it's sub-urls. On the other hand, urls/targets which are marked for exclusion will not be tested at all. But what do you do if you want to add extra urls to be included into the test? There are two simple solutions.

First, you may have noticed the additional "Test" label. This label is used to specify which other urls you want to be part of the same test. If you tick the label, the corresponding url will be used and actively tested.

On the other hand, you can simple start an additional test within the same window. The Websecurify's test engine automatically recognises the relationships between all executing tests and therefore you will not see duplicate results as the report is generated.