Can I passively scan some specific words?
I would like to scan some specific words such as "Storage" or "DB" in JS files.
Can I do the same using passive scan function in Burp?
Just to clarify your requirements, what exactly do you want to scan?
Do you want Burp to search for specific words?
If Burp can passively scan the word "localStorage" or "sessionStorage" in js file, it can be easily archived, I thought.
This is why I asked the above question.
Have you tried using the Scan Check Builder extension?
However, I could not properly point out the problem using the same.
Let's say. As an example, I tried to use one passive scan option (https://github.com/PortSwigger/scan-check-builder/blob/master/profiles/X-Frame-Options.bb)
In some site, this extension properly finds out the prob but not for some cases. I could not identify the diff.
Also using this extension, CPU usage easily became about 100%.
So this may not be better solution.
Could you suggest?
Hi, If you have previously crawled the target application and have all the .js files saved in your site tree, you can use the native Burp > Search functionality to perform a text search within those files.
Within the search function, you would want to select the following options alongside your query string to get the best results;
- Tools: Target
- Locations: Response Body