Attaxion has two different scanning modes that employ different sets of asset discovery methods. Active allows you to find more, while passive is the more stealthy option.
Attaxion scanner supports two scan modes: Active and Passive. The scan mode determines which analysis utilities Attaxion scanner will use. You can switch between different scan modes to optimize the scanner for your needs or disable it if for some reason you need to pause scanning.
The default scan mode is active.
Different Types of Scanning Profiles
Passive Scanning
Passive scanning includes 7 different scanning methods:
- WHOIS Lookup
- Passive Subdomains Lookup
- Reverse DNS Lookup
- Reverse WHOIS Lookup
- IP Geolocation Lookup
- IP Netblocks Lookup
- Cloud Providers Scanner
- DNS Lookup
- Screenshot Lookup
In passive mode, Attaxion scanner doesn’t discover open ports or vulnerabilities, limiting the discovered asset types to domains and subdomains. This mode is extremely unlikely to trigger intrusion detection systems or an organization's other defensive measures.
Also, because no vulnerability data is retrieved, the Total score on the Dashboard menu will be 0 (i.e., information unknown).
Active Scanning
In addition to all the methods used in passive scanning, active scanning relies on the following discovery tools:
- Vulnerability Scanner
- Web Crawler
- Active Subdomains Scanner
- SSL Lookup
- Port Scanner
This type of scanning lets you discover open ports and scan for vulnerabilities, and it adds further methods for subdomain enumeration. Active scanning is much easier for an intrusion detection system to detect.
How to Switch Between Scanning Modes in Attaxion
To switch from one scanning mode to another, go to “Account” at the bottom of the left-hand menu in the Attaxion app interface.
There, under the “General” tab, you will find “Scanner settings” with a 2-position switch that lets you choose between Active and Passive scanning. The setting is applied immediately; there is no need to save anything.
Choosing the Scanning Mode for Assets Individually
Attaxion allows you to choose a scanning mode for individual assets. This means the scanner can have one mode selected globally while some assets use a different mode.
To change the scanning mode for an individual asset, select this asset in the "Assets" tab, and then click "Actions" in the top right corner.
Choose "Update scanner settings" from the drop-down menu.
There are 4 possible options:
- Disabled
- Inherit (in this case, the asset will inherit the scanning mode from its root asset. This one is selected by default).
- Passive
- Active
Choose one of the options – and the scanning profile for this asset will change to the one you've selected.
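The per-asset rules above can be modelled to check which assets will still receive active probes before flipping the global switch. The following is an added example, not Attaxion code or its API: `Asset`, `effective_mode`, `methods_for`, `exposure_diff` and the sample inventory are hypothetical, and it assumes that a root asset left on Inherit follows the global switch.

```python
from dataclasses import dataclass
from typing import Optional

# Method lists copied from this page.
PASSIVE_METHODS = [
    "WHOIS Lookup", "Passive Subdomains Lookup", "Reverse DNS Lookup",
    "Reverse WHOIS Lookup", "IP Geolocation Lookup", "IP Netblocks Lookup",
    "Cloud Providers Scanner", "DNS Lookup", "Screenshot Lookup",
]
ACTIVE_ONLY_METHODS = ["Vulnerability Scanner", "Web Crawler",
                       "Active Subdomains Scanner", "SSL Lookup", "Port Scanner"]
SETTINGS = {"disabled", "inherit", "passive", "active"}

@dataclass
class Asset:                         # hypothetical model of one inventory entry
    name: str
    setting: str = "inherit"         # Inherit is the default per-asset option
    root: Optional["Asset"] = None   # None means the asset is itself a root

def effective_mode(asset, global_mode):
    """Resolve the mode that actually applies to an asset."""
    if asset.setting not in SETTINGS:
        raise ValueError(f"unknown setting: {asset.setting!r}")
    if asset.setting != "inherit":
        return asset.setting         # an explicit override beats everything else
    if asset.root is not None:
        return effective_mode(asset.root, global_mode)
    return global_mode               # assumption: a root on Inherit follows the switch

def methods_for(mode):
    """Discovery methods that run in a given effective mode."""
    if mode == "disabled":
        return []
    return PASSIVE_METHODS + (ACTIVE_ONLY_METHODS if mode == "active" else [])

def exposure_diff(assets, old_global, new_global):
    """Assets whose effective mode changes when the global switch is flipped."""
    pairs = ((a.name, effective_mode(a, old_global), effective_mode(a, new_global))
             for a in assets)
    return {name: (old, new) for name, old, new in pairs if old != new}

def sample_inventory():
    """Constructed sample data, not real assets."""
    com, org = Asset("example.com"), Asset("example.org", "disabled")
    return [com, Asset("api.example.com", root=com),
            Asset("legacy.example.com", "passive", root=com), org,
            Asset("shop.example.org", root=org),
            Asset("dev.example.org", "active", root=org)]
```

In the sample inventory, switching the global mode from active to passive changes only `example.com` and `api.example.com`; `dev.example.org` keeps its explicit Active override and would still be port-scanned.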