Passive Analyzer

Never miss potential critical vulnerabilities

The passive analyzer is run automatically on every request and response originated or captured by our tools. Potential high-risk issues such as SQL Injection, Error disclosure, sensitive information leakage and much more are automatically detected. With this feature, you will never miss a vulnerability deep into the HTML document structure.

Detailed Reporting

Everything is clearly explained with detailed information on the impact and solutions. Error messages and other useful information is extracted automatically for immediate use. The request and response are also captured for evidence and further investigation.

Getting Started

The passive analyzer runs in the background in tools such as rest, HTTPView and Fuzzer.

  1. Open rest.

  2. Press the send button to send the request.

  3. Check the Issues tab in the HTTP response section for details.

Powerful Security Testing Engine

The passive analyzer is powered by one of the most advanced web security testing engines available today written with performance, sane memory management and stability in mind. The testing engine covers well over 60 generic vulnerability checks from Remote Code Execution, SQL Injection, and Local File Inclusion to Cross-site Scripting, Request Forgery and much more.