Test Buckets
| Bucket Name | API ID | Description |
|---|---|---|
| Advanced Attacks | advanced | Attacks potentially causing a temporary disruption to the backend infrastructure. Use with caution and don’t target against production environments. |
| API Attacks | api | Attacks targeting API-based infrastructure and attempting to override API mechanisms and logic or run backend code |
| Business Logic Attacks | business_logic | Attacks attempting to bypass application logic's constraints, manipulate legitimate functionality to achieve a malicious goal. Tests may lead to false positive findings. |
| Client-Side Attacks | client_side | Attacks targeting client UI and client-side code to steal user cookies impersonate the user and perform actions on his behalf. |
| CVE Tests | cve | Passive CVE signature-based tests. |
| Legacy Attacks | legacy | Attacks that haven't been widely exploited in the wild in recent time. |
| Multiple Authentication Attacks | multiple_authentication_attacks | Attacks leveraging multiple authentications to identify vulnerabilities that bypass security controls and expose unauthorized access. |
| Server-Side Attacks | server_side | Attacks trying to exploit server-side architecture and code. |
Updated 3 months ago