Passive Scanning

Passive scanning is a reconnaissance workflow that typically does not involve direct interaction with a digital asset, for example parsing open-source intelligence (OSINT) such as DNS enumeration or Google searches. Passive scanning may also include singular direct interaction with a digital asset through tool categories like open-source network mappers or port scanners to gather running service software versions. Passive scanning can build a basic, but unvalidated list of the externally exposed assets and alert on the possible presence of common vulnerabilities and exposures (CVE). Also see "Active Testing".