A target is a Web Application, Website, or API. All the following are examples of targets:

The target defines the scope of the scan. The scanner will never leave its scope, i.e., it will never scan any page that is not prefixed with the target's base URL.

If the target is https://example.com, the scanner will not scan, for instance, www.example.com or any other hosts. In other words, the scanner will only scan URLs that are prefixed by example.com.

You can also think of a target as to how you want to organize your security testing. Imagine you have a big app at https://example.com. This app includes different sections or modules that can even be built by different teams. You can split it into different targets to facilitate your workflows, like https://example.com/sectionA and https://example.com/sectionB.

Did this answer your question?