Full Active Scan (optional, bring your own Burp Suite Pro + extensions)
High impact. If this is found on your site, treat it as urgent. It can lead to real damage and is worth fixing before anything else.
What it is
When a licensed Burp Suite Professional is connected (via its REST API), VibeSec drives its full crawl-and-audit active scan and ingests every issue Burp finds. If you load BApp-Store extensions, their checks run automatically inside that scan: ActiveScan++ (host-header attacks, edge-case injection, cache-poisoning hints), Backslash Powered Scanner (probe-then-confirm discovery of unknown and obfuscated injection points), J2EEScan and the Software Vulnerability Scanner (tech-specific payload sets). All of these run layered on top of VibeSec's native and open-source engines.
How attackers abuse it
Missing security headers leave the browser's built-in protections off, making attacks like clickjacking and cross-site scripting easier to pull off against your users.
Attacker playbook
1. Check the response headers for missing protections (CSP, HSTS, X-Frame-Options).
2. Use the gap to frame your site for clickjacking or to land an XSS payload.
3. Combine with another bug for bigger impact.
How VibeSec detects and confirms it
VibeSec tests for this with an active scan, which runs only on targets you confirm you own or are authorized to test. We detect and confirm it using Burp Suite Pro, ActiveScan++, Backslash Powered Scanner, J2EEScan and Software Vulnerability Scanner. When a payload actually proves the issue, it is reported as a confirmed finding rather than a guess.
If this is in your report: how to fix it
- Set a Content Security Policy, HSTS, X-Content-Type-Options, X-Frame-Options, and a Referrer-Policy.
- Start CSP in report-only mode, then enforce it.
- Re-scan to confirm the headers are present on every response.
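As an added example (not VibeSec's own code or part of the original page), a small Python check that applies the list above to one response's headers, treating a report-only CSP as the intermediate stage the second item describes; the header dict shape and the sample response are assumptions constructed here.

```python
# Added example (not VibeSec's own code): checks one response's headers against the fix list above.
# Headers are assumed to arrive as a name->value dict, e.g. from requests' response.headers.
from typing import Dict, List

REQUIRED = ("Strict-Transport-Security", "X-Content-Type-Options",
            "X-Frame-Options", "Referrer-Policy")
ONE_YEAR = 31536000


def check_headers(headers: Dict[str, str]) -> List[str]:
    """Return a list of findings; an empty list means every check passed."""
    h = {k.lower(): v.strip() for k, v in headers.items()}  # header names are case-insensitive
    findings = []
    # CSP: report-only is the right first step, but only the enforced header protects users.
    if "content-security-policy" not in h:
        if "content-security-policy-report-only" in h:
            findings.append("CSP is report-only; enforce it once the reports are clean")
        else:
            findings.append("Content-Security-Policy missing")

    for name in REQUIRED:
        if name.lower() not in h:
            findings.append(f"{name} missing")

    # A header that is present but weak is still a finding.
    hsts = h.get("strict-transport-security", "")
    if hsts:
        directives = {d.strip().partition("=")[0].lower(): d.strip() for d in hsts.split(";")}
        max_age = directives.get("max-age", "max-age=0").partition("=")[2]
        if not max_age.isdigit() or int(max_age) < ONE_YEAR:
            findings.append("HSTS max-age below one year")
    xfo = h.get("x-frame-options", "").upper()
    if xfo and xfo not in ("DENY", "SAMEORIGIN"):
        findings.append(f"X-Frame-Options has unsupported value {xfo!r}")
    if h.get("x-content-type-options", "nosniff").lower() != "nosniff":
        findings.append("X-Content-Type-Options should be 'nosniff'")
    return findings


# Constructed sample: a site mid-rollout (CSP report-only, short HSTS, no Referrer-Policy).
SAMPLE = {
    "Content-Type": "text/html",
    "Content-Security-Policy-Report-Only": "default-src 'self'",
    "Strict-Transport-Security": "max-age=300",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "sameorigin",
}

if __name__ == "__main__":
    for finding in check_headers(SAMPLE):
        print("-", finding)
```

Run it against every response type (HTML pages, redirects, error pages, API responses), since the re-scan step expects the headers on all of them.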
Check your site for this
Run a scan and see whether this affects you, in plain language with copy-paste fixes.