tag:support.arachni-scanner.com,2012-07-01:/discussions/questions/15019-understanding-how-arachni-finds-the-vulnerabilitiesArachni: Discussion 2019-01-02T15:48:08Ztag:support.arachni-scanner.com,2012-07-01:Comment/467406702019-01-02T15:48:07Z2019-01-02T15:48:07ZUnderstanding how Arachni finds the vulnerabilities<div><p>Hello! I used Arachni to scan a website and it found a Cross-Site Request Forgery. I understand Arachni performs some tests and injections in order to say that this vulnerability exists, and I would like to know where in the report is the explanation of how this vulnerability was found. There are some lines in the report that say "// Injected by Arachni::Browser::Javascript", does this have something to do with it?</p>
<p>The point is that I would like to prove this vulnerability (and many others), and I would like to know how Arachni can help me do that, if it has a list of steps of what it did to find that issue in the page.</p>
<p>Thanks.</p></div>amanda.barbosa