The growth in the Internet poses privacy challenges, prompting the development of anonymous communication systems like the most widely used Tor (the second-generation onion router). However, the notable anonymity offered by Tor has inadvertently made it a breeding ground for criminal activities, attracting miscreants engaged in illegal trading and cybercrime. One of the most prevalent techniques for de-anonymizing Tor is Tor passive traffic analysis, where in anonymity is compromised by passively observing network traffic. This study aims to delve into the fundamental concepts of Tor and traffic analysis, elucidate application scenarios and threat models, and classify existing works into two categories: traffic identification & classification, and flow correlation. Subsequently, their respective traffic collection methods, feature extraction techniques, and algorithms are compared and analyzed. Finally, the primary challenges faced by current research in this domain are concluded and future research directions are proposed.