Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

ProfessionalCommunity Edition

Discovering hidden content with Burp Suite

  • Last updated: August 30, 2024

  • Read time: 1 Minute

Applications often contain locations that you can't browse to, as they are not directly linked from visible content. Some examples of hidden content include:

  • Functionality that has been used for testing, but hasn't been removed.
  • New functionality that has been added to the server, but hasn't been linked from the main application.
  • Internal-only functionality that isn't linked from the main application.
  • Features that your account doesn't have permission to use.

Burp includes a range of tools that can help you discover hidden content. This enables you to build a more comprehensive map of the target application and identify a wider attack surface.

Was this article helpful?