Carbonator scans not accurate
I just downloaded Carbonator extender through bapp and have use the command ./burpscan.sh http 127.0.0.1 80 /DVWA/vulnerabilities/
This launched burp UI and I checked that the scan does not detect SQL Injection, XSS or any other vulnerabilities. But when I use the manual way of proxy and sending it to active scanner it was able to detect those vulnerabilities. Is there any way in fixing this issue as I am trying to automate the scan through a shell script using carbonator.
Extensions are created by third party developers. Have you tried contacting the author?