Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Carbonator scans not accurate

Alex Aug 02, 2019 04:34AM UTC

I just downloaded Carbonator extender through bapp and have use the command ./burpscan.sh http 127.0.0.1 80 /DVWA/vulnerabilities/

This launched burp UI and I checked that the scan does not detect SQL Injection, XSS or any other vulnerabilities. But when I use the manual way of proxy and sending it to active scanner it was able to detect those vulnerabilities. Is there any way in fixing this issue as I am trying to automate the scan through a shell script using carbonator.


Liam Tai-Hogan Aug 02, 2019 07:34AM UTC Support Center agent

Extensions are created by third party developers. Have you tried contacting the author?

- https://github.com/portswigger/carbonator


Alex Aug 05, 2019 04:32AM UTC
Yes I've contacted them but did not get back to me

Post Your public answer

Your name
Your email address
Answer