Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Burp Suite Scanner - SSRF detection

Matt B Aug 02, 2019 04:43PM UTC


With the recent Capital One breach, the SSRF vulnerability has been highlighted as a potential cause/method of the breach.

My question is, does either the Burp Suite Pro or Enterprise version automatically detect SSRF while scanning? From what i can find in my research, it appears that you can only detect this with Burp Suite manually

Liam Tai-Hogan Aug 05, 2019 10:03AM UTC Support Center agent

Yes, Burp scans for SSRF, the scan check is called Out-of-band resource load (HTTP).


Please let us know if you need any further assistance.

Post Your public answer

Your name
Your email address