What is passive Web-security testing?
Passive from what i understand is the tool monitors but does not inject any packets/inputs to the system being tested. Its more of non interactive with underlying application.
This is just my understanding, please correct me if I am wrong.
Winds of Change