Test Buckets
Bucket Name | API ID | Description |
---|---|---|
Advanced Attacks | advanced | Attacks potentially causing a temporary disruption to the backend infrastructure. Use with caution and don’t target against production environments. |
API Attacks | api | Attacks targeting API-based infrastructure and attempting to override API mechanisms and logic or run backend code |
Business Logic Attacks | business_logic | Attacks attempting to bypass application logic's constraints, manipulate legitimate functionality to achieve a malicious goal. Tests may lead to false positive findings. |
Client-Side Attacks | client_side | Attacks targeting client UI and client-side code to steal user cookies impersonate the user and perform actions on his behalf. |
CVE Tests | cve | Passive CVE signature-based tests. |
Legacy Attacks | legacy | Attacks that haven't been widely exploited in the wild in recent time. |
Multiple Authentication Attacks | multiple_authentication_attacks | Attacks leveraging multiple authentications to identify vulnerabilities that bypass security controls and expose unauthorized access. |
Server-Side Attacks | server_side | Attacks trying to exploit server-side architecture and code. |
Updated 4 days ago