Added an 'Archive' directory for BChecks made outdated by updates to the Burp Suite Scanner

[LabMC]

Hello,

• I originally created the "InsecureContentSecurityPolicy.bcheck" file back in October 2023 due to Burp Suite not possessing native CSP scanner rulesets outside of referencing "frame-ancestors" for Clickjacking attacks.

• Yet as of March 1st, it appears that Burp Suite has added CSP rulesets to the native scanner.

  • Meaning this BCheck has now been made mostly arbitrary.

• However, I would like to keep this BCheck as publicly accessible so that anyone using 2023 versions of Burp can still retain these custom rulesets.

  • For example, my own company's AppSec team needs to go through a timely process when making version requests for native app tools.
  • We can't even download new Burp versions nor plugins without manual installation.

• Even beyond this particular CSP BCheck, this same scenario may emerge for other BChecks after future updates to the Burp Suite scanner.

• I would hence like an "archived" directory be set which contains BChecks for any rulesets made arbitrary by additions/modifications to Burp's own built-in rulesets.

  • I have also added a small section in the readme.md file to reference this directory, but please feel free to change the wording if necessary.

Thank you for reading,

[Hannah-PortSwigger]

Thank you very much for adding this section in!

This looks good 👍

[PortSwiggerWiener]

Many thanks for the submission.

Looks good 👍