The following section lists the kinds of tests performed in batches from 0 to 1. Note that not all of the information mentioned here will be present in every scan. What gets reported in 150021 and the summary depends on the scan configuration and the sequence taken by the scanner.
In this phase, these tests are launched on all the web application links and parameters.
- Virtual Host Discovery
- CMS Detection
- Path manipulation
- WS Directory Path manipulation
- WS enumeration

| QID | Description |
|---|---|
| 150004 | Path Based Vulnerability |
| 150007 | Web Application Authentication Method |
| 150009 | Links Crawled |
| 150010 | External Links Discovered |
| 150016 | Sensitive Content In HTML |
| 150020 | Links Rejected By Crawl Scope or Exclusion List |
| 150026 | Maximum Number of Links Reached During Crawl |
| 150027 | Session Cookie Does Not Contain the "secure" Attribute |
| 150029 | Session Cookies |
| 150032 | Session Cookie Does Not Contain The "secure" Attribute |
| 150034 | U.S. Social Security Number Pattern Identified In HTML |
| 150035 | HTTP Basic Authentication |
| 150045 | Session Cookie Does Not Contain The "HTTPOnly" Attribute |
| 150081 | X-Frame-Options header is not set |
| 150104 | Form Contains Email Address Field |
| 150120 | Session Cookie (Authentication Related) Does Not Contain The "secure" Attribute |
| 150121 | Session Cookie (Authentication Related) Does Not Contain The "HTTPOnly" Attribute |
| 150122 | Cookie Does Not Contain The "secure" Attribute |
| 150123 | Cookie Does Not Contain The "HTTPOnly" Attribute |
| 150124 | Clickjacking - Framable Page |
| 150142 | Virtual Host Discovered |
| 150162 | Use of JavaScript Library with Known Vulnerability |
| 150195 | Analysis of Swagger file |
| 150182 | Joomla CMS Version Detected |
| 150183 | Drupal CMS Version Detected |
| 150184 | WordPress Plugins Detected |
| 150185 | Joomla Plugins Detection |
| 150186 | Drupal Plugins Detection |
| 150023 | Directory Listing |
| 150223 | RichFaces Remote Code Execution Vulnerabilities |
| 150225 | Use of Liferay Portal with Known Vulnerabilities |
| 150231 | PrimeFaces Expression Language Remote Code Execution |

In this phase, these tests are performed on the form input fields, site links and parameters.
- URI parameter manipulation
- URI blind SQL manipulation
- URI parameter time-based tests
- Form parameter manipulation
- Form blind SQL manipulation
- Form field time-based tests

| QID | Description |
|---|---|
| 150000 | Persistent Cross-Site Scripting (XSS) Vulnerabilities |
| 150001 | Reflected Cross-Site Scripting (XSS) Vulnerabilities |
| 150013 | Browser-Specific Cross-Site Scripting (XSS) Vulnerabilities |
| 150048 | Browser-Specific Cross-Site Scripting In HTTP Header |
| 150003 | SQL Injection |
| 150012 | Blind SQL Injection |
| 150062 | Flash-Based Cross-Site Scripting (XSS) |
| 150084 | Unencoded characters |

In this phase, these tests are launched on all links and parameters.
- DOM XSS exploitation
- File Upload analysis
- HTTP call manipulation
- Open Redirect
- CSRF
- File Inclusion analysis
- Cookie manipulation
- Header manipulation
- Shell shock detector
- httpoxy detector
- Struts time-based detector
- Static Session ID
- Login Brute Force
- Insecurely served credentials forms detector

| QID | Description |
|---|---|
| 150002 | Persistent Cross-Site Scripting (XSS) in HTTP Header |
| 150011 | Local File Inclusion |
| 150046 | Reflected Cross-Site Scripting (XSS) in HTTP Header |
| 150047 | SQL Injection In HTTP Header |
| 150049 | Login Brute Force Vulnerability |
| 150051 | Open Redirect |
| 150057 | Remote File Include |
| 150069 | Static Session ID |
| 150071 | Form can be manipulated with Cross-Site Request Forgery (CSRF) |
| 150076 | DOM-Based Cross-Site Scripting (XSS) |
| 150129 | Insufficient Session Protection/Regeneration |
| 150134 | Shellshock Apache Injection |
| 150085 | Slow HTTP POST vulnerability |
| 150156 | HTTP Proxy injection (httpoxy) |
| 150174 | Path Traversal Vulnerability |

Login forms will be tested in this phase for all QIDs that ran during Batch 1-3.
- URI parameter manipulation
- Form parameter manipulation
- URI blind SQL manipulation
- Form blind SQL manipulation
- Form field time-based tests
- HTTP Time Bandit
- Path XSS manipulation
- Tomcat Vuln manipulation
- Path manipulation
- Time based path manipulation

| QID | Description |
|---|---|
| 150231 | PrimeFaces Expression Language Remote Code Execution |
| 150117 | Path-Based Cross-Site Scripting (XSS) |
| 150179 | XML External Entity (XXE) Injection |
| 150180 | XML External Entity (XXE) File Disclosure |
| 150181 | XML External Entity (XXE) File Inclusion Error |
| 150190 | Apache Tomcat Remote Code Execution Vulnerability |