Burp Bounty Pro

Passive Scan


Last updated 1 year ago

The passive scanner does not interact with HTTP traffic. It searches for patterns (or the absence of them) in HTTP requests and responses.

A pattern is information detected through strings or a regular expression. If it detects a pattern, you get an alert.

If you scan one or multiple requests with the Passive scan, you will launch against the request/response the profiles that are active in the tab “Profiles-> Passive Request Profiles” and “Profiles-> Passive Response Profiles”. This scanner does not perform any request against the target, it only analyses the request/responses passively.

In this image you can see how an alert has been generated for the absence of a pattern. In this case, a Set-Cookie header is detected without the HttpOnly attribute set.

In the next image, you can see how it detects an SQL statement in the HTTP request. As you can see below, a "select" is detected, followed by a "from", followed by a "where".
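The two detections described above, a missing attribute on a Set-Cookie header and an SQL statement in a request, are both just pattern rules evaluated over the raw request or response text. The following is an added illustration of that idea, not Burp Bounty's own code: the PassiveRule class, its fields and the rule names are assumptions, and the request and response messages are constructed samples. A rule is a string or regular expression applied to the request or the response; an "absence" rule alerts when the pattern is not found, and an optional precondition restricts it to the lines that carry a given header so that each Set-Cookie header is judged on its own.

```python
import re
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class PassiveRule:
    """One passive rule (hypothetical structure): a string or regex looked up in a request or response."""
    name: str
    pattern: str
    scope: str = "response"          # "request" or "response"
    is_regex: bool = False
    case_insensitive: bool = True
    alert_on_absence: bool = False   # alert when the pattern is NOT found
    only_if: Optional[str] = None    # plain substring; when set, each line containing it is checked separately


def _find(pattern: str, text: str, is_regex: bool, case_insensitive: bool) -> bool:
    """Return True if pattern occurs in text, as a regex or as a plain substring."""
    if is_regex:
        flags = re.DOTALL | re.MULTILINE | (re.IGNORECASE if case_insensitive else 0)
        return re.search(pattern, text, flags) is not None
    if case_insensitive:
        return pattern.lower() in text.lower()
    return pattern in text


def evaluate_rule(rule: PassiveRule, request: str, response: str) -> bool:
    """Evaluate one rule without sending anything: only the captured text is inspected."""
    text = request if rule.scope == "request" else response
    # With a precondition, evaluate per matching line (e.g. one unit per Set-Cookie header),
    # so a second cookie that lacks the attribute is not hidden by a first one that has it.
    if rule.only_if is not None:
        units = [ln for ln in text.splitlines()
                 if _find(rule.only_if, ln, False, rule.case_insensitive)]
    else:
        units = [text]
    for unit in units:
        found = _find(rule.pattern, unit, rule.is_regex, rule.case_insensitive)
        if (not found) if rule.alert_on_absence else found:
            return True
    return False


def passive_scan(request: str, response: str, rules: List[PassiveRule]) -> List[str]:
    """Return the names of all rules that raise an alert for this request/response pair."""
    return [r.name for r in rules if evaluate_rule(r, request, response)]


# Constructed rules mirroring the two cases in the text (names are assumptions).
RULES = [
    PassiveRule(name="Set-Cookie without HttpOnly", pattern="HttpOnly", scope="response",
                alert_on_absence=True, only_if="Set-Cookie:"),
    PassiveRule(name="SQL statement in request", pattern=r"\bselect\b.+\bfrom\b.+\bwhere\b",
                scope="request", is_regex=True),
]

# Constructed sample traffic (not captured from any real host).
SAMPLE_REQUEST = (
    "POST /search HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "q=select+name+from+users+where+id%3D1"
)
SAMPLE_RESPONSE_WEAK = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: theme=dark; Path=/; HttpOnly\r\n"
    "Set-Cookie: session=abc123; Path=/\r\n"      # second cookie lacks HttpOnly
    "\r\n"
    "<html>ok</html>"
)
SAMPLE_RESPONSE_OK = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: session=abc123; Path=/; HttpOnly; Secure\r\n"
    "\r\n"
    "<html>ok</html>"
)

if __name__ == "__main__":
    print(passive_scan(SAMPLE_REQUEST, SAMPLE_RESPONSE_WEAK, RULES))
    print(passive_scan("GET / HTTP/1.1\r\nHost: example.test\r\n\r\n", SAMPLE_RESPONSE_OK, RULES))
```

Two points worth noticing when writing rules of this kind: the SQL regex still matches the URL-encoded body because "+" is not a word character, but a rule keyed on literal spaces would miss it, so patterns on raw traffic should tolerate encoding or run on decoded text; and the per-line precondition is what lets the absence rule flag the second cookie even though the first one is set correctly.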