This extension automatically handles anti-CSRF tokens, and hides the mechanism from the browser (or other tool) that is using Burp. It tracks the most recent token received in a response, and ensures that each request always contains the latest token.
It also allows Burp to be chained as an upstream proxy from other security scanning tools that are not CSRF-aware.
Requires Java version 7.
|Last updated||10 November 2015|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|You can view the source code for this BApp by visiting our GitHub page.|
|Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.|
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.