Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Can I passively scan some specific words?

Fatman29 Nov 08, 2019 06:30AM UTC

Hi,

I would like to scan some specific words such as "Storage" or "DB" in JS files.
Can I do the same using passive scan function in Burp?


Liam Tai-Hogan Nov 08, 2019 04:00PM UTC Support Center agent

Just to clarify your requirements, what exactly do you want to scan?

Do you want Burp to search for specific words?


Fatman29 Nov 08, 2019 10:26PM UTC
Actually I would like to check if the site is using Web Storage function or not.
If Burp can passively scan the word "localStorage" or "sessionStorage" in js file, it can be easily archived, I thought.

This is why I asked the above question.

Liam Tai-Hogan Nov 11, 2019 03:33PM UTC Support Center agent

Have you tried using the Scan Check Builder extension?

- https://portswigger.net/bappstore/618f0b2489564607825e93eeed8b9e0a


Fatman29 Nov 13, 2019 06:34AM UTC
Based on your suggestion, I have tried that extension.
However, I could not properly point out the problem using the same.

Let's say. As an example, I tried to use one passive scan option (https://github.com/PortSwigger/scan-check-builder/blob/master/profiles/X-Frame-Options.bb)
In some site, this extension properly finds out the prob but not for some cases. I could not identify the diff.

Also using this extension, CPU usage easily became about 100%.
So this may not be better solution.

Could you suggest?

Post Your public answer

Your name
Your email address
Answer