Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Can I passively scan some specific words?

Fatman29 | Last updated: Nov 08, 2019 06:30AM UTC

Hi, I would like to scan some specific words such as "Storage" or "DB" in JS files. Can I do the same using passive scan function in Burp?

Liam, PortSwigger Agent | Last updated: Nov 08, 2019 03:59PM UTC

Just to clarify your requirements, what exactly do you want to scan? Do you want Burp to search for specific words?

Burp User | Last updated: Nov 08, 2019 10:26PM UTC

Actually I would like to check if the site is using Web Storage function or not. If Burp can passively scan the word "localStorage" or "sessionStorage" in js file, it can be easily archived, I thought. This is why I asked the above question.

Liam, PortSwigger Agent | Last updated: Nov 11, 2019 11:53AM UTC

Have you tried using the Scan Check Builder extension? - https://portswigger.net/bappstore/618f0b2489564607825e93eeed8b9e0a

Burp User | Last updated: Nov 13, 2019 06:34AM UTC

Based on your suggestion, I have tried that extension. However, I could not properly point out the problem using the same. Let's say. As an example, I tried to use one passive scan option (https://github.com/PortSwigger/scan-check-builder/blob/master/profiles/X-Frame-Options.bb) In some site, this extension properly finds out the prob but not for some cases. I could not identify the diff. Also using this extension, CPU usage easily became about 100%. So this may not be better solution. Could you suggest?

Mike, PortSwigger Agent | Last updated: Nov 13, 2019 12:05PM UTC