Burp Suite Scanner - SSRF detection
With the recent Capital One breach, the SSRF vulnerability has been highlighted as a potential cause/method of the breach.
My question is, does either the Burp Suite Pro or Enterprise version automatically detect SSRF while scanning? From what i can find in my research, it appears that you can only detect this with Burp Suite manually
Yes, Burp scans for SSRF, the scan check is called Out-of-band resource load (HTTP).
Please let us know if you need any further assistance.