Test Buckets

Bucket NameAPI IDDescription
Advanced AttacksadvancedAttacks potentially causing a temporary disruption to the backend infrastructure. Use with caution and don’t target against production environments.
API AttacksapiAttacks targeting API-based infrastructure and attempting to override API mechanisms and logic or run backend code
Business Logic Attacksbusiness_logicAttacks attempting to bypass application logic's constraints, manipulate legitimate functionality to achieve a malicious goal. Tests may lead to false positive findings.
Client-Side Attacksclient_sideAttacks targeting client UI and client-side code to steal user cookies impersonate the user and perform actions on his behalf.
CVE TestscvePassive CVE signature-based tests.
Legacy AttackslegacyAttacks that haven't been widely exploited in the wild in recent time.
Multiple Authentication Attacksmultiple_authentication_attacksAttacks leveraging multiple authentications to identify vulnerabilities that bypass security controls and expose unauthorized access.
Server-Side Attacksserver_sideAttacks trying to exploit server-side architecture and code.