|
9 | 9 | <BODY> |
10 | 10 | <H1>Passive Scan</H1> |
11 | 11 | <p> |
12 | | -ZAP by default passively scans all HTTP messages (requests and responses) sent to the web application being tested.<br/> |
13 | | -Passive scanning does not change the requests nor the responses in any way and is therefore safe to use.<br/> |
14 | | -Scanning is performed in a background thread to ensure that it does not slow down the exploration |
15 | | -of an application. |
16 | | -</p> |
17 | | -<p> |
18 | | -The (main) behaviour of the passive scanner can be configured using the |
19 | | -<a href="../../ui/dialogs/options/pscanner.html">Options Passive Scanner Screen</a>. |
20 | | -</p> |
21 | | -<p> |
22 | | -Passive scanning can also be used for automatically adding <a href="tags.html">tags</a> |
23 | | -and raising <a href="alerts.html">alerts</a> for potential issues.<br> |
24 | | -A set of rules for automatic tagging are provided by default. These can be changed, deleted or |
25 | | -added to via the <a href="../../ui/dialogs/options/pscan.html">Options Passive Scan Tags screen</a>. |
26 | | -</p> |
27 | | - |
28 | | -<p> |
29 | | -The alerts raised by passive scan rules can be configured using the |
30 | | -<a href="../../ui/dialogs/options/pscanrules.html">Options Passive Scan Rules screen</a>.<br/> |
31 | | -</p> |
32 | | - |
33 | | -<H2>See also</H2> |
34 | | -<table> |
35 | | -<tr><td> </td><td> |
36 | | -<a href="../../ui/overview.html">UI Overview</a></td><td>for an overview of the user interface</td></tr> |
37 | | -<tr><td> </td><td> |
38 | | -<a href="features.html">Features</a></td><td>provided by ZAP</td></tr> |
39 | | -<tr><td> </td><td> |
40 | | -<a href="ascan.html">Active scanning</a></td><td></td></tr> |
41 | | -<tr><td> </td><td> |
42 | | -<a href="../checks.html">Scanner Rules</a></td><td>supported by default</td></tr> |
43 | | -</table> |
44 | | - |
45 | | -<H2>Official Videos</H2> |
46 | | -<table> |
47 | | -<tr><td> </td> |
48 | | -<td><a href="https://play.sonatype.com/watch/vDWpoYjHi7fSLYFDQPWgMF">ZAP In Ten: Passive Scanning</a> (10:27)</td></tr> |
49 | | -<tr><td> </td> |
50 | | -<td><a href="https://play.vidyard.com/HfENJ3GJB3zbD6sMscDrjD">ZAP In Ten: Passive Scan Scripts</a> (11:53)</td></tr> |
51 | | -<tr><td> </td> |
52 | | -<td><a href="https://www.youtube.com/watch?v=Rx42kyrB0nk">Deep Dive: Passive Scanning</a> (27:35)</td></tr> |
53 | | -</table> |
| 12 | +The passive scanner is provided by the <a href="https://www.zaproxy.org/docs/desktop/addons/passive-scanner/">Passive Scanner add-on</a>, |
| 13 | +which allows to passively scan messages (e.g. HTTP, WebSocket) proxied/sent through/by ZAP. |
54 | 14 |
|
55 | 15 | </BODY> |
56 | 16 | </HTML> |
0 commit comments