Versions Compared

Old Version 179

changes.mady.by.user Laura Mandolini

Saved on

compared with

New Version 180

changes.mady.by.user Laura Mandolini

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

With Dynamic Reviewer Light-PenTest module, you can inspect your web application during running, directly using your Browser.

...

You can import third-party Security Scanners results. They will be correlated automatically.

Dynamic Reviewer DAST provides a robust and stable framework for Web Application Security Testing, suitable for all Security Analysts, QA and Developers with False Positives and False Negatives support. It is built over an optimum mix of Manual and Automated Testing and allows designing customised penetration tests, offering an easy-to-use GUI and advanced Scan capabilities.

...

In essence, you have access to roughly the same information that your favorite debugger (for example, FireBug) would provide, as if you had set a breakpoint to take place at the right time for identifying an issue.

Web Security Issues

Dynamic Reviewer runs testing to identify all of the major web application security vulnerabilities, such as SQL Injection, Cross-Site Scripting, Cross Site Request Forgery, and more. Dynamic Reviewer has an ever growing list of tests that are run against the application and APIs to identify potential security vulnerabilities.

Dynamic Reviewer provides the following HTTP passive and active scan rules which find specific vulnerabilities.

Note that these are examples of the alerts raised - many rules include different details depending on the exact problem encountered.

Id

Ossue

Risk

Type

0

Directory Browsing

Medium

Active

2

Private IP Disclosure

Low

Passive

3

Session ID in URL Rewrite

Medium

Passive

6

Path Traversal

High

Active

7

Remote File Inclusion

High

Active

41

Source Code Disclosure - Git

High

Active

42

Source Code Disclosure - SVN

Medium

Active

43

Source Code Disclosure - File Inclusion

High

Active

10003

Vulnerable JS Library (Powered by Retire.js)

High

Passive

10009

In Page Banner Information Leak

High

Passive

10010

Cookie No HttpOnly Flag

Low

Passive

10011

Cookie Without Secure Flag

Low

Passive

10015

Re-examine Cache-control Directives

Informational

Passive

10016

Web Browser XSS Protection Not Enabled

High

Passive

10017

Cross-Domain JavaScript Source File Inclusion

Low

Passive

10019

Content-Type Header Missing

Informational

Passive

10020

Anti-clickjacking Header

High

Passive

10020-1

Missing Anti-clickjacking Header

Medium

Passive

10020-2

Multiple X-Frame-Options Header Entries

Medium

Passive

10020-3

X-Frame-Options Defined via META (Non-compliant with Spec)

Medium

Passive

10020-4

X-Frame-Options Setting Malformed

Medium

Passive

10021

X-Content-Type-Options Header Missing

Low

Passive

10023

Information Disclosure - Debug Error Messages

Low

Passive

10024

Information Disclosure - Sensitive Information in URL

Informational

Passive

10025

Information Disclosure - Sensitive Information in HTTP Referrer Header

Informational

Passive

10026

HTTP Parameter Override

High

Passive

10027

Information Disclosure - Suspicious Comments

Informational

Passive

10028

Open Redirect

Medium

Passive

10029

Cookie Poisoning

Medium

Passive

10030

User Controllable Charset

Medium

Passive

10031

User Controllable HTML Element Attribute (Potential XSS)

Medium

Passive

10032

Viewstate

Medium

Passive

10032-1

Potential IP Addresses Found in the Viewstate

Medium

Passive

10032-2

Emails Found in the Viewstate

Medium

Passive

10032-3

Old Asp.Net Version in Use

Low

Passive

10032-4

Viewstate without MAC Signature (Unsure)

High

Passive

10032-5

Viewstate without MAC Signature (Sure)

High

Passive

10032-6

Split Viewstate in Use

Informational

Passive

10033

Directory Browsing

High

Passive

10034

Heartbleed OpenSSL Vulnerability (Indicative)

High

Passive

10035

Strict-Transport-Security Header

High

Passive

10036

HTTP Server Response Header

High

Passive

10037

Server Leaks Information via 'X-Powered-By' HTTP Response Header Field(s)

Low

Passive

10038

Content Security Policy (CSP) Header Not Set

High

Passive

10039

X-Backend-Server Header Information Leak

High

Passive

10040

Secure Pages Include Mixed Content

High

Passive

10041

HTTP to HTTPS Insecure Transition in Form Post

High

Passive

10042

HTTPS to HTTP Insecure Transition in Form Post

High

Passive

10043

User Controllable JavaScript Event (XSS)

High

Passive

10044

Big Redirect Detected (Potential Sensitive Information Leak)

High

Passive

10045

Source Code Disclosure - /WEB-INF folder

High

Active

10046

Insecure Component

Medium

Passive

10047

HTTPS Content Available via HTTP

Low

Active

10048

Remote Code Execution - Shell Shock

High

Active

10049

Content Cacheability

Medium

Passive

10050

Retrieved from Cache

Medium

Passive

10051

Relative Path Confusion

Medium

Active

10052

X-ChromeLogger-Data (XCOLD) Header Information Leak

Medium

Passive

10053

Apache Range Header DoS (CVE-2011-3192)

Medium

Active

10054

Cookie without SameSite Attribute

Low

Passive

10055

CSP

Medium

Passive

10056

X-Debug-Token Information Leak

Low

Passive

10057

Username Hash Found

Informational

Passive

10058

GET for POST

Informational

Active

10061

X-AspNet-Version Response Header

Low

Passive

10062

PII Disclosure

Medium

Passive

10063

Permissions Policy Header Not Set

Medium

Passive

10070

Use of SAML

Medium

Passive

10094

Base64 Disclosure

Medium

Passive

10095

Backup File Disclosure

Medium

Active

10096

Timestamp Disclosure

Low

Passive

10097

Hash Disclosure

Medium

Passive

10098

Cross-Domain Misconfiguration

Medium

Passive

10099

Source Code Disclosure

High

Passive

10103

Image Exposes Location or Privacy Data

Informational

Passive

10104

User Agent Fuzzer

Informational

Active

10105

Weak Authentication Method

High

Passive

10106

HTTP Only Site

Medium

Active

10107

Httpoxy - Proxy Header Misuse

High

Active

10108

Reverse Tabnabbing

Medium

Passive

10109

Modern Web Application

Medium

Passive

10110

Dangerous JS Functions

Medium

Passive

10202

Absence of Anti-CSRF Tokens

Medium

Passive

20012

Anti-CSRF Tokens Check

Medium

Active

20014

HTTP Parameter Pollution

Informational

Active

20015

Heartbleed OpenSSL Vulnerability

High

Active

20016

Cross-Domain Misconfiguration

High

Active

20017

Source Code Disclosure - CVE-2012-1823

High

Active

20018

Remote Code Execution - CVE-2012-1823

High

Active

20019

External Redirect

High

Active

30001

Buffer Overflow

Medium

Active

30002

Format String Error

Medium

Active

30003

Integer Overflow Error

Medium

Active

40003

CRLF Injection

Medium

Active

40008

Parameter Tampering

Medium

Active

40009

Server Side Include

High

Active

40012

Cross Site Scripting (Reflected)

High

Active

40013

Session Fixation

High

Active

40014

Cross Site Scripting (Persistent)

High

Active

40015

LDAP Injection

High

Active

40016

Cross Site Scripting (Persistent) - Prime

Informational

Active

40017

Cross Site Scripting (Persistent) - Spider

Informational

Active

40018

SQL Injection

High

Active

40019

SQL Injection - MySQL

High

Active

40020

SQL Injection - Hypersonic SQL

High

Active

40021

SQL Injection - Oracle

High

Active

40022

SQL Injection - PostgreSQL

High

Active

40023

Possible Username Enumeration

Informational

Active

40024

SQL Injection - SQLite

High

Active

40025

Proxy Disclosure

Medium

Active

40026

Cross Site Scripting (DOM Based)

High

Active

40027

SQL Injection - MsSQL

High

Active

40028

ELMAH Information Leak

Medium

Active

40029

Trace.axd Information Leak

Medium

Active

40031

Out of Band XSS

High

Active

40032

.htaccess Information Leak

Medium

Active

40033

NoSQL Injection - MongoDB

High

Active

40034

.env Information Leak

Medium

Active

40035

Hidden File Finder

Medium

Active

40036

JWT Scan Rule

Medium

Active

40038

Bypassing 403

Medium

Active

40039

Web Cache Deception

Medium

Active

40040

CORS Header

Informational

Active

40040-1

CORS Header

Informational

Active

40040-2

CORS Misconfiguration

Medium

Active

40040-3

CORS Misconfiguration

High

Active

40041

File Upload

Medium

Active

40042

Spring Actuator Information Leak

Medium

Active

40043

Log4Shell

High

Active

40043-1

Log4Shell (CVE-2021-44228)

High

Active

40043-2

Log4Shell (CVE-2021-45046)

High

Active

40044

Exponential Entity Expansion (Billion Laughs Attack)

Medium

Active

40045

Spring4Shell

High

Active

90001

Insecure JSF ViewState

Medium

Passive

90002

Java Serialization Object

Medium

Passive

90003

Sub Resource Integrity Attribute Missing

High

Passive

90004

Insufficient Site Isolation Against Spectre Vulnerability

High

Passive

90004-1

Insufficient Site Isolation Against Spectre Vulnerability

Low

Passive

90004-2

Insufficient Site Isolation Against Spectre Vulnerability

Low

Passive

90004-3

Insufficient Site Isolation Against Spectre Vulnerability

Low

Passive

90011

Charset Mismatch

Informational

Passive

90017

XSLT Injection

Medium

Active

90018

Advanced SQL Injection

High

Active

90019

Server Side Code Injection

High

Active

90020

Remote OS Command Injection

High

Active

90021

XPath Injection

High

Active

90022

Application Error Disclosure

Medium

Passive

90023

XML External Entity Attack

High

Active

90024

Generic Padding Oracle

High

Active

90025

Expression Language Injection

High

Active

90026

SOAP Action Spoofing

High

Active

90027

Cookie Slack Detector

Informational

Active

90028

Insecure HTTP Method

Medium

Active

90029

SOAP XML Injection

High

Active

90030

WSDL File Detection

Informational

Passive

90033

Loosely Scoped Cookie

Informational

Passive

90034

Cloud Metadata Potentially Exposed

High

Active

90035

Server Side Template Injection

High

Active

90036

Server Side Template Injection (Blind)

High

Active

110001

Application Error Disclosure via WebSockets

Medium

WebSocket Passive

110002

Base64 Disclosure in WebSocket message

Informational

WebSocket Passive

110003

Information Disclosure - Debug Error Messages via WebSocket

Low

WebSocket Passive

110004

Email address found in WebSocket message

Informational

WebSocket Passive

110005

Personally Identifiable Information via WebSocket

High

WebSocket Passive

110006

Private IP Disclosure via WebSocket

Low

WebSocket Passive

110007

Username Hash Found in WebSocket message

Informational

WebSocket Passive

110008

Information Disclosure - Suspicious Comments in XML via WebSocket

Informational

WebSocket Passive

Note that these are examples of the alerts raised - many rules include different details depending on the exact problem encountered.

DOM Security Issues

The list of DOM Security Issues found by Dynamic Reviewer are:

...

DISCLAIMER: Due we make use of open source components (w3af, pWeb, dradis, wXf, OSVDB), we do not sell the product, but we offer a yearly subscription-based Commercial Support to selected Customers, plus our Commercial Security Scanner. 

COPYRIGHT (C) 2014-2022 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.