| Class | Description |
|---|---|
| BadHexadecimalConversionDetector | |
| CipherWithNoIntegrityDetector |
This detector mark cipher usage that doesn't provide integrity.
|
| CustomMessageDigestDetector |
Implementing a custom solution for message digest should not promote.
|
| ErrorMessageExposureDetector |
Printing error messages to standard output may expose security-sensitive information,
and such an exposure of unencrypted information would be vulnerable as reported
by CWE-209 (https://cwe.mitre.org/data/deffinitions/209.html).
|
| EsapiEncryptorDetector |
This detector identify the usage of ESAPI cryptography components.
|
| HazelcastSymmetricEncryptionDetector |
http://code.google.com/p/hazelcast/wiki/Encryption
|
| InsecureSmtpSslDetector | |
| InsufficientKeySizeBlowfishDetector | |
| InsufficientKeySizeRsaDetector |
Similar to the blowfish key size detector
|
| NullCipherDetector | |
| StaticIvDetector |
The main goal of the this detector is to find encryption being done with static initialization vector (IV).
|
| UnencryptedServerSocketDetector | |
| UnencryptedSocketDetector | |
| WeakMessageDigestDetector |
Identifies the use of MD2, MD5 and SHA1 hash function and recommends the
use of modern functions.
|
| WeakTLSDetector | |
| WeakTrustManagerDetector |
The first reflex for developer that encounter web services that have unsigned certificate
is often to trust all certificates.
|
Copyright © 2019. All rights reserved.