Modules refer to the YAML templates that are used to identify vulnerabilities in web applications. Each module is designed to detect a specific type of vulnerability, such as misconfiguration or cross-site scripting, and can be customized by the user to suit their needs. Modules are the building blocks of our tool and enable security researchers to efficiently scan web applications for potential vulnerabilities.
You can run modules from our Module Library or define your own module using our visual or code editors.
Modules can be run in Active and Passive modes. Active mode means that you can execute module and batch of requests will be sent, only responses from these requests will be searched for vulnerability. Passive modes alow you to look for issue in each response made by tool in your account - meaning that all feature scans will include check for this vulnerability as well.
Some modules can only be executed in Active mode. Passive mode modules are tagged.