Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish


SERVICES | Estimated Time For Deliver: 24 To 48 Hours


1) OS command injection
2) SQL injection
3) SQL injection (second order)
4) ASP.NET tracing enabled
5) File path traversal
6) XML external entity injection
7) LDAP injection
8) XPath injection
9) XML injection
10) ASP.NET debugging enabled
11) HTTP PUT method is enabled
12) Out-of-band resource load (HTTP)
13) File path manipulation
14) PHP code injection
15) Server-side JavaScript code injection
16) Perl code injection
17) Ruby code injection
18) Python code injection
19) Expression Language injection
20) Unidentified code injection
21) Server-side template injection
22) SSI injection
23) Cross-site scripting (stored)
24) HTTP request smuggling
25) Web cache poisoning
26) HTTP response header injection
27) Cross-site scripting (reflected)
28) Client-side template injection
29) Cross-site scripting (DOM-based)
30) Cross-site scripting (reflected DOM-based)
31) Cross-site scripting (stored DOM-based)
32) JavaScript injection (DOM-based)
33) JavaScript injection (reflected DOM-based)
34) JavaScript injection (stored DOM-based)
35) Path-relative style sheet import
36) Client-side SQL injection (DOM-based)
37) Client-side SQL injection (reflected DOM-based)
38) Client-side SQL injection (stored DOM-based)
39) WebSocket URL poisoning (DOM-based)
40) WebSocket URL poisoning (reflected DOM-based)
41) WebSocket URL poisoning (stored DOM-based)
42) Local file path manipulation (DOM-based)
43) Local file path manipulation (reflected DOM-based)
44) Local file path manipulation (stored DOM-based)
45) Client-side XPath injection (DOM-based)
46) Client-side XPath injection (reflected DOM-based)
47) Client-side XPath injection (stored DOM-based)
48) Client-side JSON injection (DOM-based)
49) Client-side JSON injection (reflected DOM-based)
50) Client-side JSON injection (stored DOM-based)
51) Flash cross-domain policy
52) Silverlight cross-domain policy
53) Cross-origin resource sharing
54) Cross-origin resource sharing: arbitrary origin trusted
55) Cross-origin resource sharing: unencrypted origin trusted
56) Cross-origin resource sharing: all subdomains trusted
57) Cross-site request forgery
58) SMTP header injection
59) Cleartext submission of password
60) External service interaction (DNS)
61) External service interaction (HTTP)
62) External service interaction (SMTP)
63) Referer-dependent response
64) Spoofable client IP address
65) User agent-dependent response
66) Password returned in later response
67) Password submitted using GET method
68) Password returned in URL query string
69) SQL statement in request parameter
70) Cross-domain POST
71) ASP.NET ViewState without MAC enabled
72) XML entity expansion
73) Long redirection response
74) Serialized object in HTTP message
75) Duplicate cookies set
76) Input returned in response (stored)
77) Input returned in response (reflected)
78) Suspicious input transformation (reflected)
79) Suspicious input transformation (stored)
80) Request URL override
81) Vulnerable JavaScript dependency
82) Open redirection (reflected)
83) Open redirection (stored)
84) Open redirection (DOM-based)
85) Open redirection (reflected DOM-based)
86) Open redirection (stored DOM-based)
87) TLS cookie without secure flag set
88) Cookie scoped to parent domain
89) Cross-domain Referer leakage
90) Cross-domain script include
91) Cookie without HttpOnly flag set
92) Session token in URL
93) Password field with autocomplete enabled
94) Password value set in cookie
95) File upload functionality
96) Frameable response (potential Clickjacking)
97) Browser cross-site scripting filter disabled
98) HTTP TRACE method is enabled
99) Cookie manipulation (DOM-based)
100) Cookie manipulation (reflected DOM-based)
101) Cookie manipulation (stored DOM-based)
102) Ajax request header manipulation (DOM-based)
103) Ajax request header manipulation (reflected DOM-based)
104) Ajax request header manipulation (stored DOM-based)
105) Denial of service (DOM-based)
106) Denial of service (reflected DOM-based)
107) Denial of service (stored DOM-based)
108) HTML5 web message manipulation (DOM-based)
109) HTML5 web message manipulation (reflected DOM-based)
110) HTML5 web message manipulation (stored DOM-based)
111) HTML5 storage manipulation (DOM-based)
112) HTML5 storage manipulation (reflected DOM-based)
113) HTML5 storage manipulation (stored DOM-based)
114) Link manipulation (DOM-based)
115) Link manipulation (reflected DOM-based)
116) Link manipulation (stored DOM-based)
117) Link manipulation (reflected)
118) Link manipulation (stored)
119) Document domain manipulation (DOM-based)
120) Document domain manipulation (reflected DOM-based)
121) Document domain manipulation (stored DOM-based)
122) DOM data manipulation (DOM-based)
123) DOM data manipulation (reflected DOM-based)
124) DOM data manipulation (stored DOM-based)
125) CSS injection (reflected)
126) CSS injection (stored)
127) Client-side HTTP parameter pollution (reflected)
128) Client-side HTTP parameter pollution (stored)
129) Form action hijacking (reflected)
130) Form action hijacking (stored)
131) Database connection string disclosed
132) Source code disclosure
133) Backup file
134) Directory listing
135) Email addresses disclosed
136) Private IP addresses disclosed
137) Social security numbers disclosed
138) Credit card numbers disclosed
139) Private key disclosed
140) Robots.txt file
141) Cacheable HTTPS response
142) Base64-encoded data in parameter
143) Multiple content types specified
144) HTML does not specify charset
145) HTML uses unrecognized charset
146) Content type incorrectly stated
147) Content type is not specified
148) TLS certificate
149) Unencrypted communications
150) Strict transport security not enforced
151) Mixed content
152) Hidden HTTP 2
153) Extension generated issue

National Cyber Security