Articles on: General Questions (Pentest)

How do you define a target for the vulnerability scanner?

A target is a domain or URL that will be tested by our vulnerability scanner. It can be the URL of a web application, website, API etc.

Examples of some unique targets:

What is the scope of the vulnerability scan?

Target URL

Let us say you set as the target URL. The scanner will crawl it and build a site tree of all the requests, pages, APIs, resources, etc. that are requested from the target URL.

Example of Site Tree:


Any APIs or resources which are not requested from the app will not be scanned. You can add them as a separate target for better coverage.


All URLs with the same domain will be included in the scope, and the rest will be excluded by default. If you would like to restrict the scan scope to only or - you can update the configuration in the Scanner Setup under Should we crawl subdomains? in Step 1.

For example, if API calls are made from to - they will be considered in scope, since both URLs have the same domain name, i.e

Different Hostnames

If you have APIs or other resources residing on a different hostname that need to be scanned, you can add them to the scope from the Scanner Setup under What other hosts should we scan? in Step 1.

For example, when using Amazon Cognito, the authentication API call is made to You will have to add or to the scope.
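The three scope rules above (same domain is in scope by default, the subdomain toggle narrows it to the exact host, and extra hosts are added explicitly) can be expressed as a small filter over a crawled site tree. The code below is an added illustration, not the scanner's own implementation; it assumes a simplified notion of "same domain" (the last two labels of the hostname, so app.example.com and api.example.com share example.com), whereas a real scanner would consult the public suffix list. All URLs and hostnames in it are constructed placeholders.

```python
from urllib.parse import urlsplit

# Assumption: a host's "domain" is its last two labels. This is a simplification
# for illustration; production scanners use the public suffix list so that
# hosts like a.co.uk and b.co.uk are not treated as the same domain.
def registered_domain(host: str) -> str:
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def in_scope(target_url: str, candidate_url: str,
             crawl_subdomains: bool = True, extra_hosts=()) -> bool:
    """Decide whether a discovered URL belongs to the scan scope.

    - Explicitly added hosts ("What other hosts should we scan?") are always in scope.
    - With crawl_subdomains=True (default), any host sharing the target's domain is in scope.
    - With crawl_subdomains=False, only the target's exact hostname is in scope.
    """
    target_host = (urlsplit(target_url).hostname or "").lower()
    cand_host = (urlsplit(candidate_url).hostname or "").lower()
    if not cand_host:
        return False  # relative or malformed URL: nothing to decide on
    if cand_host in {h.lower() for h in extra_hosts}:
        return True
    if crawl_subdomains:
        return registered_domain(cand_host) == registered_domain(target_host)
    return cand_host == target_host


def partition_site_tree(target_url: str, discovered, crawl_subdomains=True, extra_hosts=()):
    """Split crawled URLs into (in_scope, excluded) lists, preserving crawl order."""
    kept, dropped = [], []
    for url in discovered:
        (kept if in_scope(target_url, url, crawl_subdomains, extra_hosts) else dropped).append(url)
    return kept, dropped


if __name__ == "__main__":
    # Constructed sample site tree; hostnames are placeholders, not real services.
    target = "https://app.example.com/"
    crawled = [
        "https://app.example.com/login",
        "https://api.example.com/v1/orders",          # same domain, different host
        "https://auth.placeholder-idp.test/oauth2/token",  # third-party auth host
        "https://cdn.unrelated.test/assets/app.js",   # unrelated host
    ]
    kept, dropped = partition_site_tree(target, crawled,
                                        extra_hosts=["auth.placeholder-idp.test"])
    print("in scope:", kept)
    print("excluded:", dropped)
```

Running it shows the API host kept because it shares the domain, the identity provider kept only because it was added explicitly, and the CDN host excluded; flipping `crawl_subdomains` to `False` also drops the API host, which is exactly the situation where the page recommends adding it as a separate target.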

How to organize targets?

It is good practice to divide big applications into smaller logical targets. This way you can ensure that each important target is thoroughly tested, and the scan results are optimized.

Another strong reason for this is that scan behind login can be configured for each target, allowing the scanner to login to the application as different users and test the URLs requiring authentication.

For example, a big e-commerce application can be divided into the following targets:

Updated on: 13/08/2022
