Running passive checks without issuing new requests

David | Last updated: Nov 21, 2020 08:49PM UTC

I seem to remember that Burp used to be able (in the old 1.7 version) to apply all passive checks on the requests stored inside Burp. Is this still possible? I've tried right-clicking the in-scope hosts in the Target tab and selecting "Passively scan ...", but this is much slower than I remember and I suspect Burp is reissuing requests. How do I apply passive checks to past requests without contacting the server again?

Example scenario: I've gone on site at a client to test an internal web application. After finishing the testing, I arrive home and realise one of my passive Extensions was turned off. Can I still run those checks on the items stored in Proxy/Target/Repeater without going back to the client?

Ben, PortSwigger Agent | Last updated: Nov 24, 2020 10:48AM UTC

Hi David,

You should be able to right-click on an individual request (or series of requests/host) and select the "Do Passive Scan" option in the context menu (the name of this option will change depending upon what items you are selecting within Burp). This should allow you to perform a passive scan against existing requests/responses.

