"PASSIVE_WEB_SECURITY_CHECK" Command
Description: This feature is only available for customers who have a license. Performs passive scanning on all HTTP messages (requests and responses) sent to the web application being tested without making any changes to these requests and responses. This command requires ZAP installation on your device for local runs to work.
Usage Scenario: Suppose we want to run passive scan on our Reference app.
Procedure: Follow the instructions in Dynamic Security Testing
Â
Â
Â
Â