Probely

A target is the URL of a Web Application, Website, or API. All the following are examples of targets:

<a href="https://app1.example.com" rel="nofollow noopener noreferrer" target="_blank">https://app1.example.com</a>

<a href="https://example.com/app1" rel="nofollow noopener noreferrer" target="_blank">https://example.com/app1</a>

<a href="https://example.com" rel="nofollow noopener noreferrer" target="_blank">https://example.com</a>

- <a href="https://app1.example.com" rel="nofollow noopener noreferrer" target="_blank">https://app1.example.com</a>
- <a href="https://example.com/app1" rel="nofollow noopener noreferrer" target="_blank">https://example.com/app1</a>
- <a href="https://example.com" rel="nofollow noopener noreferrer" target="_blank">https://example.com</a>

The target defines the scope of the scan. The scanner will never leave its scope, i.e., it will never scan any page that is not prefixed with the target's base URL.

If the target is <a href="https://example.com" rel="nofollow noopener noreferrer" target="_blank">https://example.com</a>, the scanner will not scan, for instance, <a href="https://www.example.com" rel="nofollow noopener noreferrer" target="_blank">https://www.example.com</a> or any other hosts. In other words, the scanner will only scan URLs prefixed by example.com.

You can also think of a target as to how you want to organize your security testing. Imagine you have a big app at <a href="https://example.com" rel="nofollow noopener noreferrer" target="_blank">https://example.com</a>. This app includes different sections or modules that can even be built by different teams. You can split it into different targets to facilitate your workflows, like <a href="https://example.com/sectionA" rel="nofollow noopener noreferrer" target="_blank">https://example.com/sectionA</a> and <a href="https://example.com/sectionB" rel="nofollow noopener noreferrer" target="_blank">https://example.com/sectionB</a>.