Burp Suite User Forum

Can I passively scan some specific words?

Fatman29 | Last updated: Nov 08, 2019 06:30AM UTC

Hi, I would like to scan for some specific words such as "Storage" or "DB" in JS files. Can I do the same using the passive scan function in Burp?

Liam, PortSwigger Agent | Last updated: Nov 08, 2019 03:59PM UTC

Just to clarify your requirements, what exactly do you want to scan? Do you want Burp to search for specific words?

Burp User | Last updated: Nov 08, 2019 10:26PM UTC

Actually, I would like to check whether the site is using the Web Storage function or not. If Burp can passively scan for the word "localStorage" or "sessionStorage" in a JS file, it can be easily achieved, I thought. This is why I asked the above question.

Liam, PortSwigger Agent | Last updated: Nov 11, 2019 11:53AM UTC

Have you tried using the Scan Check Builder extension? - https://portswigger.net/bappstore/618f0b2489564607825e93eeed8b9e0a

Burp User | Last updated: Nov 13, 2019 06:34AM UTC

Based on your suggestion, I have tried that extension. However, I could not properly point out the problem using the same. As an example, I tried to use one passive scan option (https://github.com/PortSwigger/scan-check-builder/blob/master/profiles/X-Frame-Options.bb). On some sites, this extension properly finds the problem, but not in some cases. I could not identify the difference. Also, using this extension, CPU usage easily became about 100%. So this may not be a better solution. Could you suggest something?

Mike, PortSwigger Agent | Last updated: Nov 13, 2019 12:05PM UTC

Hi, if you have previously crawled the target application and have all the .js files saved in your site tree, you can use the native Burp > Search functionality to perform a text search within those files. Within the search function, you would want to select the following options alongside your query string to get the best results:

- Tools: Target
- Locations: Response Body
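The same text search can be run offline over JavaScript response bodies that have already been saved. The following is an added example, not part of the original thread and not PortSwigger code; the dict field names (`url`, `content_type`, `body`) and the sample responses are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Web Storage objects, optionally followed by a member access such as .setItem
STORAGE_RE = re.compile(
    r"\b(localStorage|sessionStorage)\b(?:\s*\.\s*([A-Za-z_$][\w$]*))?")
JS_TYPES = ("javascript", "ecmascript")


def is_javascript(url, content_type):
    """Treat a response as JS if the Content-Type or the URL path says so."""
    ctype = (content_type or "").lower()
    return (any(t in ctype for t in JS_TYPES)
            or urlsplit(url).path.lower().endswith(".js"))


def find_web_storage(responses, context=30):
    """Return one finding per match: url, line, API object, member, snippet."""
    findings = []
    for resp in responses:
        if not is_javascript(resp["url"], resp.get("content_type")):
            continue  # skip JSON, HTML, images, etc.
        body = resp["body"]
        for m in STORAGE_RE.finditer(body):
            start = max(0, m.start() - context)
            end = min(len(body), m.end() + context)
            findings.append({
                "url": resp["url"],
                "line": body.count("\n", 0, m.start()) + 1,
                "api": m.group(1),
                "member": m.group(2),  # None when the object is only referenced
                "snippet": body[start:end].replace("\n", " ").strip(),
            })
    return findings


# Constructed sample responses (not taken from any real site)
SAMPLE = [
    {"url": "https://app.example/static/app.min.js?v=3",
     "content_type": "application/javascript",
     "body": 'var t=1;localStorage.setItem("token",t);\nvar s=window["sessionStorage"];'},
    {"url": "https://app.example/api/profile", "content_type": "application/json",
     "body": '{"note": "localStorage is mentioned here but this is not script"}'},
    {"url": "https://app.example/legacy.js", "content_type": "text/plain",
     "body": "// no storage calls\nfunction f(){return 1}"},
]

if __name__ == "__main__":
    for f in find_web_storage(SAMPLE):
        print(f'{f["url"]}:{f["line"]}  {f["api"]}.{f["member"] or "*"}  {f["snippet"]}')
```

Like a plain text search, this matches the identifiers wherever they appear in script text, including comments and string literals, so each hit still needs a manual look at the snippet.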
