Understanding how Arachni finds the vulnerabilities
Hello! I used Arachni to scan a website and it found a Cross-Site Request Forgery. I understand Arachni performs some tests and injections in order to say that this vulnerability exists, and I would like to know where in the report is the explanation of how this vulnerability was found. There are some lines in the report that say "// Injected by Arachni::Browser::Javascript", does this have something to do with it?
The point is that I would like to prove this vulnerability (and many others), and I would like to know how Arachni can help me do that, if it has a list of steps of what it did to find that issue in the page.
Thanks.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac