Burp Suite Pro v1.7.23
Is it possible to skip a certain link/URL for specific checks (e.g. CSRF, SQL Injection) during a scan, while keeping them ticked in Scanner Options? So for better visualization, I'll provide a scenario:
In my web app, I have an API that doesn't check for a CSRF token. After the scan, Burp flagged that API as vulnerable to a CSRF attack. After that, I thought of creating a custom extension that will whitelist that API to CSRF Token, but I have no idea if this is achievable.
Thanks!