Правила активного сканирования - Альфа
The following alpha status active scan rules are included in this add-on:
LDAP Injection
LDAP Injection may be possible. Злоумышленник может обойти элементы управления аутентификацией, а также просмотреть и изменить произвольные данные в каталоге LDAP.
Skips messages which originally resulted in a client or server error response status code.
Latest code: LdapInjectionScanRule.java
Alert ID: 40015.
NoSQL Injection - MongoDB
This rule attempts to identify MongoDB specific NoSQL Injection vulnerabilities. Он пытается предпринять различные типы атак, в том числе: логические, основанные на ошибках, основанные на времени и обход аутентификации.
It does not include time based attacks. Он также будет пытаться использовать полезные данные, специфичные для параметра JSON, если сканирование настроено на включение вариантов параметров JSON.
Latest code: MongoDbInjectionScanRule.java
Alert ID: 40033.
NoSQL Injection - MongoDB (Time Based)
This rule attempts to identify MongoDB specific NoSQL Injection vulnerabilities using only time based attacks.
Latest code: MongoDbInjectionTimingScanRule.java
Alert ID: 90039.
Web Cache Deception
This rule attempts to identify Web Cache Deception vulnerabilities. It checks whether a static path appended to original URIs can be used to leak sensitive user information or not.
- User must be authenticated before using this rule
Latest code: WebCacheDeceptionScanRule.java
Alert ID: 40039.
Suspicious Input Transformation
This is an active script scan rule. It detects various types of suspicious input transformations that may indicate
potential security vulnerabilities such as template injection, expression evaluation, quote consumption, and issues
related to unicode normalization.
This rule is largely adapted from the "Suspect Transform" check included in the ActiveScan++ extension for Burp
Suite by
Albinowax: SuspectTransform.java.
Latest code: SuspiciousInputTransformation.js
Alert ID: 100044.