List of Web Application Security Checks

Web Application Security Checks

Checks

Syhunt's database is the culmination of years of research by Syhunt and includes checks for a extremely wide array of different web application security threats, as shown below.

Check	CWE
Authentication Vulnerabilities
Authentication Bypass / Broken Authentication	CWE-287
Automated Authentication Brute Force (Form & HTTP-Based)
Password Disclosure	CWE-311
Unencrypted Login	CWE-319
Weak Password Hashing
Breach Confirmation
Breach Confirmation through Dynamic Analysis
Breach Confirmation through Source Code Analysis
Breach Confirmation through Web Server Log Analysis
Hidden Debug Parameter Discovery through Dynamic Analysis
Hidden Debug Parameter Discovery through Source Code Analysis
Hidden Debug Parameter Discovery and Injection through Hybrid Analysis
Inappropriate Content Detection
Malicious Content Detection
Web-Based Backdoor Detection through Dynamic Analysis
Web-Based Backdoor Detection through Source Code Analysis
Command Execution	CWE-78
Command Execution through Dynamic Analysis
Command Execution through Source Code Analysis
Cross-Site Scripting (XSS)	CWE-79
Cross-Site Scripting (XSS) through Dynamic Analysis
Cross-Site Scripting (XSS) through Source Code Analysis
Weak XSS Filter/Validation Bypass through Dynamic Analysis
Weak XSS Filter/Validation Bypass through Source Code Analysis
HTML5 Specific XSS
File Inclusion	CWE-98
Local File Inclusion (LFI) through Dynamic Analysis
Remote File Inclusion (RFI) through Dynamic Analysis
Local File Inclusion (LFI) through Source Code Analysis
Remote File Inclusion (RFI) through Source Code Analysis
NoSQL Injection
NoSQL Injection through Dynamic Analysis (Error-Based)
NoSQL Injection through Dynamic Analysis (Time-Based)
NoSQL Injection through Source Code Analysis
NoSQL Injection in MongoDB
SQL Injection	CWE-89
SQL Injection through Dynamic Analysis (Error-Based)
SQL Injection through Dynamic Analysis (Blind)
SQL Injection through Dynamic Analysis (Time-Based)
SQL Injection through Source Code Analysis
SQL Injection through Source Code Analysis (HQL)
Code Injection	CWE-94
Code Injection through Dynamic Analysis (Print-Based)
Code Injection through Dynamic Analysis (Time-Based)
Code Injection in ASP Classic
Code Injection in ASP.NET
Code Injection in Java/JSP
Code Injection in Lua (Nginx, Apache, CGI-Lua, etc)
Code Injection in Perl
Code Injection in PHP
Code Injection in Python
Code Injection in Ruby
Code Injection in Server-Side JavaScript
Source Code Disclosure	CWE-540
Source Code Disclosure through Injection
Source Code Disclosure through Content Analysis
Source Code Disclosure (ASP Classic)
Source Code Disclosure (ASP.NET)
Source Code Disclosure (Java/JSP)
Source Code Disclosure (Lua)
Source Code Disclosure (Perl)
Source Code Disclosure (PHP)
Source Code Disclosure (SSI)
Extension Checking
Double Extension Checking
Common Backup Extensions
Structure Brute Force
Admin Pages
Common Backup Files
Common Backup Folders
Database Disclosure
Old/Backup Files	CWE-530
Common Form Weaknesses
Email Form Hijacking
Hidden Price Form Field
AutoComplete Enabled (in sensitive form inputs)
Unencrypted Credit Card Transaction
Denial-of-Service (DoS)	CWE-730
Client-Side Denial-of-Service
Denial-of-Service through Injection
Buffer Overflow	CWE-120
Multiple Disclosure Vulnerabilities
Common Exposures
Information Disclosure through Injection	CWE-200
Information Disclosure through Content Analysis	CWE-200
Information Disclosure through Source Code Analysis	CWE-497
Internal IP Address Disclosure	CWE-200
Path Disclosure through Injection	CWE-211
Path Disclosure through Content Analysis	CWE-211
Directory Listing	CWE-548
Web Technology Disclosures
Suspicious HTML Comments
Log Forging	CWE-117
Log Forging through Source Code Analysis
XPath Injection	CWE-91
XPath Injection through Dynamic Analysis
XPath Injection through Source Code Analysis
LDAP Injection	CWE-90
LDAP Injection through Dynamic Analysis
LDAP Injection through Source Code Analysis
Unvalidated Redirects	CWE-601
Unvalidated Redirects through Dynamic Analysis
Unvalidated Redirects through Source Code Analysis
CRLF Header Injection	CWE-93
CRLF Header Injection through Dynamic Analysis
CRLF Header Injection through Source Code Analysis
Expression Language (EL) Injection	CWE-917
Cookie Manipulation
Cross Frame Scripting	CWE-352
Dangerous Methods	CWE-749
Default Content	CWE-276
Directory Traversal	CWE-22
Server-Specific Vulnerabilities in IIS, iPlanet & Others
Server-Side Request Forgery	CWE-918
Server-Side Includes (SSI) Injection
XML Injection	CWE-661
XML External Entity (XXE) Injection	CWE-827
XML External Entity (XXE) Injection through Dynamic Analysis
XML External Entity (XXE) Injection through Source Code Analysis
Known Vulnerable Apps
Known Vulnerable Apps (Apache Struts)
Known Vulnerable Apps (ASP Classic)
Known Vulnerable Apps (ASP.Net)
Known Vulnerable Apps (ColdFusion)
Known Vulnerable Apps (Dynamic HTML)
Known Vulnerable Apps (Flash)
Known Vulnerable Apps (Java / JSP)
Known Vulnerable Apps (Perl)
Known Vulnerable Apps (Python)
Known Vulnerable Apps (Ruby)
Known Vulnerable Apps (SSI)
Known Vulnerable Apps (IIS)

Compare Checks Between Editions

Supported Server-Side Languages (DAST)

Supported Server-Side Languages (SAST)

Supported Databases (SQL Injection Detection)

Access
DB2
dbx
Firebird/InterBase
FrontBase
Informix
Ingres
MaxDB
mSQL
MySQL
Oracle
Ovrimos
PostgreSQL
SQL Server
SQLite
Swish
Sybase